In this section, some additional parameters are specified for the tunnel interfaces that are defined in the previous section.

• A key is specified so that the hosts can authenticate each other. This key must match on the two endpoints. Note that authentication is not encryption.
• The time to live (TTL), Type of Service (ToS), and maximum transmission unit (MTU) are specified for each endpoint.
• A firewall rule set is applied to each tunnel interface.