Management Functions
1648-0F7
◼ Firewall Settings
● Up to 16 IP addresses (or ranges of IP addresses) can be specied for both IPv4 and IPv6.
● The packet lters described in this section control communications over TCP, UDP, and ICMP.
● Up to 32 MAC addresses can be specied.
◼ IPSec
● IPSec that is supported by the machine conforms to RFC2401, RFC2402, RFC2406, and RFC4305.
Operating system
Windows Vista/7/8/Server 2008/Server 2012
Connection mode Transport mode
Key exchange protocol
IKEv1 (main mode)
Authentication method
● Pre-shared key
● Digital signature
Hash algorithm
(and key length)
● HMAC-SHA1-96
● HMAC-SHA2 (256 bits or 384 bits)
Encryption algorithm
(and key length)
● 3DES-CBC
● AES-CBC (128 bits, 192 bits, or 256 bits)
Key exchange algorithm/group (and key length)
Die-Hellman (DH)
● Group 1 (768 bits)
● Group 2 (1024 bits)
● Group 14 (2048 bits)
ESP
Hash algorithm HMAC-SHA1-96
Encryption algorithm
(and key length)
● 3DES-CBC
● AES-CBC (128 bits, 192 bits, or 256 bits)
Hash algorithm/encryption algorithm (and key
length)
AES-GCM (128 bits, 192 bits, or 256 bits)
AH Hash algorithm HMAC-SHA1-96
● IPSec supports communication to a unicast address (or a single device).
● The machine cannot use both IPSec and DHCPv6 at the same time.
● IPSec is unavailable in networks in which NAT or IP masquerade is implemented.
Appendix
528
To Next Page
Loading...
