Athena SWG (Secure Web Gateway)

Athena SWG (formerly Internet Access Gateway) ensures visibility and control across the network, detecting risks like unauthorized access, non-compliant activities, and data leaks to manage endpoints.
{{ $t('productDocDetail.guideClickSwitch') }}
{{ $t('productDocDetail.know') }}
{{ $t('productDocDetail.dontRemind') }}
13.0.120
Athena SWG (Secure Web Gateway) {{ breadTitle }} User Manual Functions System Sangfor VPN Security Options
{{sendMatomoQuery("Athena SWG (Secure Web Gateway)","Security Options")}}

Security Options

{{ $t('productDocDetail.updateTime') }}: 2025-12-29

Set the security parameters when standard IPSec connections are set up with the peer end. See the following figure.

Before setting up IPSec connections with a third-party device, confirm the connection policy used by the device. The policy includes the protocol (AH or ESP), authentication algorithm (Null, MD5, SHA-1, or SM3), and encryption algorithm (DES, 3DES, AES, SANGFOR_DES, SCB2, or SM4). Next, click Add, see the following figure.

Click OK[A279].

Sangfor 's VPN gateway uses the configured connection policy to set up IPSec connections with the peer end.

The encryption algorithm specified in the security options encrypts the data used in phase II of a standard IPSec connection. If multiple devices using different connection policies are interconnected, add the policies to the security options.

The source IP addresses in outbound and inbound policies correspond to Source and Peer Service.

The outbound service, inbound server, and time settings for outbound and inbound policies are extended rules of Sangfor. The rules are effective only for the local device and are not negotiated when VPN connections are set up with third-party devices.