A cryptographic profile specifies the ciphers used for
authentication and/or encryption between two IKE peers, and the
lifetime of the key. The time period between each renegotiation
is known as the lifetime; when the specified time expires, the firewall
renegotiates a new set of keys.
For securing communication across the VPN tunnel, the firewall requires IKE and IPSec
cryptographic profiles for completing IKE phase 1 and phase 2 negotiations,
respectively. The firewall includes a default IKE Crypto profile and a default IPSec
Crypto profile that are ready for use.