Aes Versus 3Des - Symbol WS5000 Series System Reference Manual

Table 12.5 Configuring VPN Session License
To
enable the VPN support
show the status of vpnsupport, whether its
enabled or disabled.
show the MAC based serial number that is
used to generate a license file
increase the number of sessions allowed in
license file
The license key is decrypted to yield two items-a MAC address, which must match the switch being configured
and the number of VPN sessions to allow.
Note A site license will have a customer-specific code embedded into the MAC
address field; in this case the MAC address value will not be a valid address for any
Ethernet device anywhere. This license entitlement will be meant for use by any and all
switches owned by the customer.
Note Both wired and non-wired VPN clients are supported.

12.2.5 AES versus 3DES

The Advanced Encryption Standard (AES) protocol is a block cipher that supports 128, 192 and 256-bit keys and
encryption blocks and is being implemented as a replacement for 3DES (Triple Data Encryption Standard).
The critical advantage of AES over 3DES is that 3DES has been defeated while AES has proven to be much
more difficult to defeat. A further advantage of AES is that it is faster than 3DES.
In addition to being stronger and faster, AES can also protect WS5100-VPN DOS-based clients.
Configuring the WS5100 WTLS VPN
CLI command used
cfg> set vpnsupport enable
Note You don't need to provide the name of the
license file as the switch will use the license.lk file
that was either disabled earlier or use the pre-
loaded file.
cfg> show vpnsupport
cfg> show vpnsupport
cfg> wvpn> set licensefile <license file>
Note This CLI picks up the license file and places it
at /etc/wvpn , which is then accepted by the VPN
server. This CLI does not reboot the switch.
12-11