# IPSec parameters

<table><thead><tr><th width="149">Object Name</th><th width="169">Customer's Device</th><th>HI GIO</th><th>HI GIO support</th><th width="183">Description</th></tr></thead><tbody><tr><td><strong>VPN Tunnel Name</strong></td><td></td><td></td><td></td><td></td></tr><tr><td><strong>Enabled</strong> </td><td></td><td></td><td></td><td>Turn on / off the tunnel</td></tr><tr><td><strong>Authentication</strong></td><td></td><td></td><td>Pre-Shared Key, Certificate</td><td>How to authenticate parties when raising a tunnel</td></tr><tr><td><strong>Local Endpoint IP Address</strong></td><td></td><td></td><td></td><td>The public IP address from HI GIO</td></tr><tr><td><strong>Local Endpoint Network</strong></td><td></td><td></td><td></td><td>List of the network share in the HI GIO cloud accessible through the tunnel</td></tr><tr><td><strong>Remote Endpoint IP Address</strong></td><td></td><td></td><td></td><td>The public IP address of the remote router from which you are connecting</td></tr><tr><td><strong>Remote Endpoint Network</strong></td><td></td><td></td><td></td><td>List of remote networks accessible through the tunne</td></tr><tr><td><strong>Remote ID (Optional)</strong></td><td></td><td></td><td></td><td></td></tr><tr><td></td><td></td><td></td><td></td><td></td></tr></tbody></table>

<mark style="color:green;">**IKE Profile (Phase 1)**</mark>

<table><thead><tr><th width="199">Object Name</th><th>Customer's Device</th><th>HI GIO</th><th>HI GIO support</th><th>Description</th></tr></thead><tbody><tr><td>IKE Version</td><td></td><td></td><td>IKEv1, IKEv2</td><td></td></tr><tr><td>Encryption</td><td></td><td></td><td>AES 128, AES 256, AES-CGM 128, AES-CGM 192, AES-CGM 256</td><td></td></tr><tr><td>Digest</td><td></td><td></td><td>SHA1, SHA 2-256, SHA 2-384, SHA 2-152</td><td>Package Integrity Control Hash Algorithm</td></tr><tr><td>Diffie-Hellman Group</td><td></td><td></td><td><p>Group 2, </p><p>Group 5, </p><p>Group 14, Group 15, Group 16, Group 19, Group 20, Group 21</p></td><td>Encryption Public Key Size</td></tr><tr><td>Association Life Time (seconds)</td><td></td><td></td><td></td><td></td></tr></tbody></table>

<mark style="color:green;">**Tunnel Configuration (Phase2)**</mark>

<table><thead><tr><th width="207">Object Name</th><th>Customer's Device</th><th>HI GIO</th><th>HI GIO support</th><th>Description</th></tr></thead><tbody><tr><td>Enabled perfect forward secrecy (PFS)</td><td></td><td></td><td></td><td></td></tr><tr><td>Encryption</td><td></td><td></td><td>AES 128, AES 256, AES-CGM 128, AES-CGM 192, AES-CGM 256</td><td></td></tr><tr><td>Digest Algorithm</td><td></td><td></td><td>SHA1, SHA 2-256, SHA 2-384, SHA 2-152</td><td>Package Integrity Control Hash Algorithm</td></tr><tr><td>Diffie-Hellman Group</td><td></td><td></td><td><p>Group 2, </p><p>Group 5, </p><p>Group 14, Group 15, Group 16, Group 19, Group 20, Group 21</p></td><td></td></tr><tr><td>Association Life Time (seconds)</td><td></td><td></td><td></td><td></td></tr></tbody></table>

<mark style="color:green;">**DPD Configuration**</mark>

| Interval |   |   |   |   |
| -------- | - | - | - | - |


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.higiocloud.vn/network/2.-vpn/ipsec-parameters.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.