Protocols And Algorithms; Ipsec Tunnels - Vocality V200 User Manual

Vocality User Manual
User Manual for V200
Valid for V08_08.02 or V08_48.02
IPSec requires the Security software (RTUSEC)
and a Feature Key on all products.
This section explains how you can configure IPSec tunnels, by setting up the menus
below the IP > IPSec menu, for an IPSec tunnel with pre-shared keys or an IPSec tunnel
with IKE.

5.10.1 Protocols and algorithms

Security associations (both tunnelled and transport) may be configured with a range of
protocols/combination of protocols:
AH – authentication header only
ESP – encapsulating security protocol only
ESP-AH – combination of ESP & AH protocols
ESP-AUTH – encapsulating security protocol with authentication
Any of the following encryption algorithms:
3DES
AES128
AES192
AES256
Any of the following hash algorithms:
SHA1
MD5
AES128
SHA2-256
SHA2-384
SHA2-512
If any of the permissible protocols are unsuitable for your applications, you are able to
allow/disallow the use of certain protocols using the ‡IP > IPSec > IKE Crypto
Algorithms menu, ‡IP > IPSec > IKE Hash Algorithms menu, ‡IP > IPSec
> IKE DH Groups menu and ‡IP > IPSec > IKE Auth Algorithms menu

5.10.2 IPSec tunnels

Secure VPNs can be created between two Vocality units or a Vocality device and
another IPSec device through the use of IPSec tunnels. Alternatively it is possible to use
IP aggregates secured using IPSec transport encryption.
Page 65 of 114