IPsec VPN Overview
Alcatel-Lucent
OmniAccess 5740 Unified Services Gateway CLI Configuration Guide
ENCRYPTION ALGORITHMS
Several different encryption algorithms can be used for closed source versions
of IPsec. However, the most commonly used algorithms are 3DES and AES. These
algorithms are used for encrypting IP packets.
• Data Encryption Standard (DES) - A cryptographic block algorithm with a 64-bit
key.
• Triple DES (3DES) - A more powerful version of DES in which the original DES
algorithm is applied in three rounds, using a 192-bit key.
• Advanced Encryption Standard (AES) - AES uses 128-bit, 192-bit, and 256-bit
keys.
INTERNET KEY EXCHANGE
Internet Key Exchange (IKE) defines the mechanism for establishing the Security
Associations (SAs) required to secure packets between the two IPsec peers.
Tunnel negotiation happens using the IKE protocol. IKE uses the Internet
Security Association and Key Management Protocol (ISAKMP) as the framework for
sending its messages. IKE messages are sent using UDP port number 500. For
secure communication, both the ISAKMP SA and the IPsec SA have to be established.
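The following Python sketch is an added example, not part of the original guide or of the gateway's software. It parses the fixed 28-byte ISAKMP header (layout per RFC 2408) from the payload of a UDP port 500 datagram and reports whether the IKEv1 exchange is negotiating the ISAKMP SA or the IPsec SA. The sample messages and the function names are constructed for illustration.

```python
import struct
from typing import NamedTuple, Optional

HEADER_LEN = 28  # fixed ISAKMP header size (RFC 2408)
# IKEv1 exchange type -> SA that exchange negotiates (RFC 2408 / RFC 2409):
# 2 = Identity Protection (Main Mode), 4 = Aggressive, 32 = Quick Mode
EXCHANGE_SA = {2: "ISAKMP SA", 4: "ISAKMP SA", 32: "IPsec SA"}

class IsakmpHeader(NamedTuple):
    initiator_cookie: bytes
    responder_cookie: bytes
    next_payload: int
    version: tuple            # (major, minor)
    exchange_type: int
    encrypted: bool           # flags bit 0: payloads after the header are encrypted
    message_id: int
    length: int               # header plus payloads, in bytes
    negotiates: Optional[str]

def parse_isakmp_header(datagram: bytes) -> IsakmpHeader:
    """Parse the ISAKMP header from a UDP/500 payload, rejecting malformed input."""
    if len(datagram) < HEADER_LEN:
        raise ValueError("shorter than the 28-byte ISAKMP header")
    icky, rcky, nxt, ver, xchg, flags, msg_id, length = struct.unpack(
        "!8s8sBBBBII", datagram[:HEADER_LEN])
    # The length field covers the whole message and must fit the datagram.
    if not HEADER_LEN <= length <= len(datagram):
        raise ValueError("length field inconsistent with datagram size")
    return IsakmpHeader(icky, rcky, nxt, (ver >> 4, ver & 0x0F), xchg,
                        bool(flags & 0x01), msg_id, length, EXCHANGE_SA.get(xchg))

def build_sample(rcky: bytes, xchg: int, flags: int, msg_id: int) -> bytes:
    """Constructed sample: real header layout, placeholder body bytes."""
    body = bytes(4)  # filler only, not a valid ISAKMP payload
    return struct.pack("!8s8sBBBBII", bytes.fromhex("a1b2c3d4e5f60718"), rcky,
                       1, 0x10, xchg, flags, msg_id, HEADER_LEN + len(body)) + body

# Constructed samples: the first Main Mode message (responder cookie still zero,
# message ID zero) and an encrypted Quick Mode message.
MAIN_MODE_1 = build_sample(bytes(8), 2, 0x00, 0)
QUICK_MODE = build_sample(bytes.fromhex("0f1e2d3c4b5a6978"), 32, 0x01, 0x1A2B3C4D)

if __name__ == "__main__":
    for name, msg in (("main mode", MAIN_MODE_1), ("quick mode", QUICK_MODE)):
        h = parse_isakmp_header(msg)
        print(f"{name}: v{h.version[0]}.{h.version[1]} negotiates={h.negotiates} "
              f"encrypted={h.encrypted} msg_id={h.message_id:#010x}")
```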
The system uses a policy, based on IP addresses, ports, and so on, to decide
which packets are to be processed by IPsec. A Security Association (SA) is
associated with each policy. You should mainly configure the encryption
algorithm and the authentication algorithm to be used. The cryptographic key
should also be configured.