Once authenticated, the two nodes or gateways negotiate the methods of encryption and data verification (using a hash function) to be used on the data passed through the VPN and negotiate the number of secure associations (SAs) in the tunnel and their lifetime before requiring renegotiation of the encryption/decryption keys. The nodes or gateways on either end of the tunnel authenticate with each other, exchange encryption/decryption keys, and establish the secure tunnel. IKE Phase 1 is the authentication phase.IKE version 1 uses a two phase process to secure the VPN tunnel. SonicOS supports two versions of IKE, version 1 and version 2. Unless you use a manual key (which must be typed identically into each node in the VPN) The exchange of information to authenticate the members of the VPN and encrypt/decrypt the data uses the Internet Key Exchange (IKE) protocol for exchanging authentication information (keys) and establishing the VPN tunnel. Encryption: The traffic in the VPN tunnel is encrypted, using an encryption algorithm such as AES or 3DES.This phase must be successful before the VPN tunnel can be established. ![]()
0 Comments
Leave a Reply. |