8 - 24 CHAPTER 8: A DVANCED CONFIGURATION FEATURESthe OfficeConnect Gateway menu bar to permanently save your VPNtunnel configuration information.Configuring YourIPSec SettingsTo configure and customize the IPSEC settings for your VPN, perform thefollowing steps:1 Select the appropriate re-key setting (Re-key every KB/Disable re-key) forthe IPSec encryption key from the Key Lifetime KB drop-down menu.This parameter is applied to the volume of IP packets travelling across thetunnel. The default value is Disable re-key. If you select Re-key every KB,the field will dynamically change to allow you to specify a value for thenumber of KBs (kilobytes of packet data) transported before re-keying isrequired.2 Select the appropriate re-key setting (Re-key every minutes/Disablere-key) for the IPSec encryption key from the Key Lifetime Minutesdrop-down menu.This parameter is applied to the time interval the tunnel is active. Thedefault value is for this parameter is Disable re-key. If you select Re-keyevery Minutes, the field will dynamically change to allow you to specify avalue for the number of minutes the tunnel is active before re-keying isrequired.3 Select the appropriate Diffie-Hellman group (Mod1/Mod2) from theDiffie-Hellman Group drop-down list.4 Select the appropriate IPSec protocol from the Protocol drop-down menu.The default is ESP (Encapsulation Security Payload).ESPIf you select ESP, the page will dynamically change to show the ESPparameters. Select an encapsulation type (Tunnel or Transport) from theEncapsulation drop-down menu. Tunnel mode encrypts both the headerand the payload of each packet. Transport mode encrypts only the dataportion of each packet.The Transport Mode can only be used for end-to-end IPSec tunnels, notgateway-to-gateway tunnels. A possible use for Transport Mode wouldbe to protect the traffic through the Web Configurator or the CommandLine Interface (CLI via Telnet).Select an authentication algorithm (None, MD5, SHA1) from the Hash