System Description
•
Encryption
• Advanced Encryption Standard (AES), Triple Data Encryption Standard (3DES), Data
• 3DES/DES acceleration
•
Data Integrity
• MD5 & SHA-1 algorithms
•
Internet Protocol Security (IPsec)
• Encapsulating Security Payload (ESP), Authentication Header (AH) & IPComp
• Tunnel & Transport mode
• Diffie-Hellman Groups 1 & 2
• Mode Config for IP address assignment
• NAT Traversal via UDP encapsulation
•
Public Key Infrastructure (PKI)
• Microsoft, Verisign Certificate Authority (CA) support
• Simple Certificate Enrollment Protocol (SCEP)
• Chained CA support
• CRL checking (Hypertext Transfer Protocol [HTTP] & Lightweight Directory Access
•
Network Address Translation (NAT)
• Static NAT, on the interface and port-forwarded static NAT
• PAT (NAPT) by port source and destination address
• Dynamic NAT by source/destination IP address
• Dynamic NAT pool mapping with overload
• PPTP/GRE ALG and arbitrary IP address for NAPT
• Multiple NATs on an interface
•
Dynamic Host Configuration Protocol (DHCP)
• DHCP Server
•
OSPF over VPN
•
DF Bit override
GRE over IPSec
•
ToS bit preservation
•
IP helper on VPN interfaces
•
IETF/Microsoft-compatible NAT traversal for L2TP
•
QoS over VPN
1-8 Overview
Encryption Standard (DES)
Protocol (LDAP)