Product Documentation

How to Enable and Configure Virtual WAN Security and Encryption (Optional)

To enable and configure Virtual WAN security and encryption, do the following:


Enabling Virtual WAN security and encryption is optional.

  1. At the top of the Global tree of the Configuration Editor, click + to the left of the Virtual WAN Network Settings branch.

    This opens the branch and displays the Global Security Settings configuration form.

    localized image

  2. Click Edit (pencil icon) to enable editing for the form.

  3. Enter your global security settings.

    The options are as follows:

    • Network Encryption Mode – This is the encryption algorithm used for encrypted paths. Select one of the following from the drop-down menu: AES 128-Bit or AES 256-Bit.

    • Enable Encryption Key Rotation  – When enabled, encryption keys are rotated at intervals of 10 to 15 minutes.

    • Enable Extended Packet Encryption Header  – When enabled, a 16 byte encrypted counter is prepended to encrypted traffic to serve as an initialization vector, and randomize packet encryption.

    • Enable Extended Packet Authentication Trailer  – When enabled, an authentication code is appended to the contents of the encrypted traffic to verify that the message is delivered unaltered.

    • Extended Packet Authentication Trailer Type  – This is the type of trailer used to validate packet contents. Select one of the following from the drop-down menu: 32-Bit Checksum or SHA-256.

  4. Click Apply to apply your settings to the configuration.

    This completes the configuration of the MCN site. The next step is to name and save the new MCN site configuration (optional, but strongly recommended), as described in the following section.


    If your console session times out or you log out of the Management Web Interface before saving your configuration, any unsaved configuration changes will be lost. You must then log back into the system, and repeat the configuration procedure from the beginning. For that reason, it is strongly recommended that you save the configuration package often, or at key points in the configuration.


How to Enable and Configure Virtual WAN Security and Encryption (Optional)

In this article