Policy Group Name
|
Specifies the name of the IPSec policy group. The name can
contain only letters, digits, and hyphens.
|
Policy Name
|
Specifies the name of the IPSec policy. The name can contain
only letters, digits, and hyphens.
|
Authentication Method
|
Specifies the authentication method.
|
Preshared Key
|
Specifies the preshared key if you selected Pre-shared Key in
the Authentication Name field.
Note
|
Pre-shared IPSec keys can contain alphanumeric characters and
hyphens only, not white spaces or any other characters. If you are migrating
from a Windows-based version of
Unified CCX, you may need to
change the name of your pre-shared IPSec keys, so they are compatible with
current versions of
Unified CCX.
|
|
Peer Type
|
Specifies whether the peer is the same type or different.
|
Certificate Name
|
If you
choose Different for the Peer Type, enter the new certificate name.
|
Destination Address
|
Specifies the IP address or FQDN of the destination.
|
Destination Port
|
Specifies the port number at the destination.
|
Source Address
|
Specifies the IP address or FQDN of the source.
|
Source Port
|
Specifies the port number at the source.
|
Mode
|
Specifies Transport mode.
|
Remote Port
|
Specifies the port number to use at the destination.
|
Protocol
|
|
Encryption Algorithm
|
From the
drop-down list, choose the encryption algorithm. Choices include
|
Hash Algorithm
|
Specifies the hash algorithm:
|
ESP Algorithm
|
From
the drop-down list, choose the ESP algorithm. Choices include
-
NULL_ENC
-
DES
-
3DES
-
BLOWFISH
-
RIJNDAEL
|
Phase One Life Time
|
Specifies the lifetime for phase One, IKE negotiation, in
seconds.
|
Phase One DH
|
From
the drop-down list, choose the phase One DH value. Choices include: 2, 1, and
5.
|
Phase Two Life Time
|
Specifies the lifetime for phase Two, IKE negotiation, in
seconds.
|
Phase Two DH
|
From
the drop-down list, choose the phase Two DH value. Choices include: 2, 1, and
5.
|
Enable Policy
|
Check
the check box to enable the policy.
|