IPsec Specifications Configuring IPsec
page 27-2 OmniSwitch AOS Release 6 Network Configuration Guide September 2009
IPsec Specifications
RFCs Supported 4301 - Security Architecture for the Internet Proto-
col
4302 - IP Authentication Header (AH)
4303 - IP Encapsulating Security Payload (ESP)
4305 - Cryptographic Algorithm Implementation
Requirements for ESP and AH
4308 - Cryptographic Suites for IPsec
Encryption Algorithms Supported for ESP NULL, DES-CBC, 3DES-CBC, AES-CBC, and
AES-CTR
Key lengths supported for Encryption Algo-
rithms
DES-CBC - 64 bits
3DES-CBC - 192 bits
AES-CBC - 128, 192, or 256 bits
AES-CTR - 160, 224, or 288 bits
Authentication Algorithms Supported for
AH
HMAC-SHA1-96, HMAC-MD5-96, and AES-
XCBC-MAC-96
Key lengths supported for Authentication
Algorithms
HMAC-MD5 - 128 bits
HMAC-SHA1 - 160 bits
AES-XCBC-MAC - 128 bits
Master Security Key formats Hexadecimal (16 bytes) or String (16 characters)
Priority value range for IPsec Policy 1 - 1000
Index value range for IPsec Policy Rule 1 - 10
SPI Range 256 - 999999999
Modes Supported Transport
Platforms Supported OmniSwitch 6850, 9000, and 9000E
To Next Page
Loading...
