Table of Contents
Advertisement
Configuring IPSec Settings
Internet Protocol Security (IPSec or IPsec) is a protocol suite for encrypting data transported over a network, including
Internet networks. While SSL only encrypts data used on a specific application, such as a Web browser or an e-mail
application, IPSec encrypts either whole IP packets or the payloads of IP packets, offering a more versatile security
system. The IPSec of the machine works in transport mode, in which the payloads of IP packets are encrypted. With
this feature, the machine can connect directly to a computer that is in the same virtual private network (VPN). Check
the system requirements and set the necessary configuration on the computer before you configure the machine.
System Requirements
IPSec that is supported by the machine conforms to RFC2401, RFC2402, RFC2406, and RFC4305.
Operating system
Connection mode
Key exchange protocol
ESP
AH
IPSec functional restrictions
●
IPSec supports communication to a unicast address (or a single device).
●
The machine cannot use both IPSec and DHCPv6 at the same time.
●
IPSec is unavailable in networks in which NAT or IP masquerade is implemented.
Security
Windows Vista/7/8/Server 2003/Server 2008/Server 2012
Transport mode
IKEv1 (main mode)
Authentication method
Hash algorithm
(and key length)
Encryption algorithm
(and key length)
Key exchange algorithm/group (and key
length)
Hash algorithm
Encryption algorithm
(and key length)
Hash algorithm/encryption algorithm (and
key length)
Hash algorithm
●
Pre-shared key
●
Digital signature
●
HMAC-SHA1-96
●
HMAC-SHA2 (256 bits or 384 bits)
●
3DES-CBC
●
AES-CBC (128 bits, 192 bits, or 256 bits)
Diffie-Hellman (DH)
●
Group 1 (768 bits)
●
Group 2 (1024 bits)
●
Group 14 (2048 bits)
HMAC-SHA1-96
●
3DES-CBC
●
AES-CBC (128 bits, 192 bits, or 256 bits)
AES-GCM (128 bits, 192 bits, or 256 bits)
HMAC-SHA1-96
259
0U6X-097
Advertisement
Table of Contents
