To Next Page

To Previous Page

Security and authentication

9.3 IPsec VPN

SCALANCE S615 Command Line Interface

Configuration Manual, 06/2015, C79000-G8976-C406-02

387

9.3.7.3

default-ciphers

Description

With this command, you specify that a preset list (default list) is transferred to the VPN

connection partner during connection establishment. The list contains a combination of the

three algorithms (Encryption, Authentication, Key Derivation).

To establish a VPN connection, the VPN connection partner must support at least one of

these combinations. The combinations depend on the phase und the key exchange method

IKE).

Combination

Phase 1

Phase 2

Encryption

Authentica-

tion

Key Derivation

IKEv1

IKEv2

IKEv1

IKEv2

AES128 SHA1 DH Group 14 x x x x

AES256

SHA512

DH Group 16

AES128 CCM 16

SHA256

DH Group 14

AES256 CCM 16

SHA512

DH Group 16

AES128

SHA1

none

AES256

SHA512

none

AES128 CCM 16 SHA256 none - - x x

AES256 CCM 16

SHA512

none

x: is supported

: is not supported

none: For phase 2, no separate keys are exchanged. This means that Perfect Forward Secrecy PFS) is disabled.

Requirement

You are in the IPSEC PHASE configuration mode.

The command prompt is as follows:

cli(config-conn-phsX)#

X: 1 (Phase 1)

2 (Phase 2)

Syntax

Call the command without parameter assignment:

default-ciphers

Result

The default list is used.

Protocols	IPsec, OpenVPN
Power Supply	24 V DC
Mounting Type	DIN Rail
Product Name	SCALANCE S615
Ports	5
Firewall	Yes
Weight	0.6 kg
Certifications	CE

Siemens SCALANCE S615 Configuration Manual

Table of Contents

Other manuals for Siemens SCALANCE S615

Questions and Answers:

Siemens SCALANCE S615 Specifications

Related product manuals