SecurityandAccessConfiguration·Chapter5 209 Tools & Traps... IPSec Parameters The two IPSec peers should agree on authentication and encryption methods, exchange keys, and verify each other's identities. While configuring the peer IPSec devices, consider the following: At least one proposal (encryption algorithm and hash function) should match on the peer devices. Authentication method: If you are using Shared Secret, then both devices should have the same shared secret. If you are using X.509 Certificates, then both devices should install all the trusted CA certificates in the trust hierarchy.