VPN

IKE Phase 1 Proposals

The following IKE Phase 1 proposals are supported by the IOLAN VPN gateway:

zCiphers—3DES, AES

zHashes—MD5, SHA1

zDiffie-HellmanGroups—2 (MODP1024), 5 (MODP1536), 14 (MODP2048), 15 (MODP3072), 16 (MODP4096), 17 (MODP6144), 18 (MODP8192)

ESP Phase 2 Proposals

The following ESP Phase 2 proposals are supported by the IOLAN VPN gateway:

zCiphers—3DES, AES

zAuthentication Algorithms—MD5, SHA1, SHA2

IPsec

When an IPsec tunnel becomes active, you are requiring that all access to the IOLAN go through the configured IPsec tunnel(s), so you must configure any exceptions first (see Exceptions on page 228 for more information on exceptions) or you will not be able to access the IOLAN through the network unless you are configured to go through the IPsec tunnel (you can still access the IOLAN through the Console port).

Field Descriptions

The following buttons are available:

Add Button

Click this button to add a new IPsec VPN tunnel.

Edit Button

Select an existing IPsec VPN tunnel to edit the tunnel’s parameters.

Delete Button

Select an existing IPsec VPN tunnel to remove the tunnel.

222

IOLAN SDS/SCS/STS User’s Guide, Version 3.6

Page 222
Image 222
Perle Systems STS, SCS manual IPsec, IKE Phase 1 Proposals, ESP Phase 2 Proposals, Authentication Algorithms-MD5, SHA1, SHA2