The IKE Policy is used for phases one and two negotiation of the VPN connection. The user can specify both the authentication and encryption algorithms for connections.
Networking > VPN Services > IKE Policies lists all IKE Policies (Internet Key Exchange) (Figure 1), which are used to authenticate IPsec peers. The user can click to the right for more actions, as shown in the image below (Figure 2).
Figure 1. List of IKE Policies
Figure 2. Edit or delete an IKE Policy
Create a new IKE Policy by clicking the creation button at the top of the IKE Policies page (Figure 3).
Figure 3. Create new IKE Policy - button
When creating a new IKE Policy the user should choose the settings for the IKE Policy (Figure 4).
- Name: Name of the IKE policy
- Region: Datacenter
- Authorization algorithms: Authentication algorithm ( SHA1)
- Encryption algorithm: 3DS, AES-128, AES-196, AES-256
- Perfect Forward Secrecy (PFS): Group 2, Group 5, Group 14
- Lifetime: IKE lifetime attributes. In seconds.
- IKE version: IKE version for the policy;
Version 1, Version 2
- IKE Phase1 Negotiation Mode: Main (default)
Figure 4. Create an IKE Policy