Authentication method
● CA certificate, device and partner certificate (digital signatures)
The use of certificates is an asymmetrical cryptographic system in which every node
(device) has a pair of keys. Each node has a secret, private key and a public key of the
partner. The private key allows the device to authenticate itself and to generate digital
signatures.
● Pre-shared key
The use of a pre-shared key is a symmetrical cryptographic system. Each node has only one
secret key for decryption and encryption of data packets. The authentication is via a
common password.
Local ID and remote ID
The local ID and the remote ID are used by IPsec to uniquely identify the partners (VPN end
point) during establishment of a VPN connection.
Encryption methods
The following encryption methods are supported. The selection depends on the phase und the
key exchange method (IKE)
Phase 1 Phase 2
IKEv1 IKEv2 IKEv1 IKEv2
3DES x x x x
AES128 CBC x x x x
AES192 CBC x x x x
AES256 CBC x x x x
AES128 CTR - x x x
AES192 CTR - x x x
AES256 CTR - x x x
AES128 CCM 16 - x x x
AES192 CCM 16 - x x x
AES256 CCM 16 - x x x
AES128 GCM 16 - x x x
AES192 GCM 16 - x x x
AES256 GCM 16 - x x x
x: is supported
-: is not supported
Technical basics
3.5 Security functions
SCALANCE S615 Web Based Management
Configuration Manual, 11/2019, C79000-G8976-C388-08 51
To Next Page
Loading...
Need help?
General
