Technical basics
3.8 Security functions
SCALANCE SC-600 Web Based Management (WBM)
64 Configuration Manual, 10/2021, C79000-G8976-C475-03
subnet by the OpenVPN server. The IP packets (layer 3) are routed between the
virtual tunnel interface and the LAN interface.
• TAP device: Bridge Mode
For operation in flat networks. External and internal interface are in the same IP
subnet.
Authentication method
• Certificates: CA certificate and device certificate
The use of certificates is an asymmetrical cryptographic system. Each node (device)
has a secret, private key and a public key of the partner. The private key allows the
device to authenticate itself and to generate digital signatures.
• User name / Password
Access is restricted by a user name and a password.
Encryption methods
The device also supports the following methods:
• BF CBC
• AES128 CBC
• AES192 CBC
• AES256 CBC
• DES EDE3
3.8.7.3 VPN connection establishment
The device supports the following options for establishing a VPN connection.
• IPsec VPN: Security > IPsec VPN > Connections (Page 327)
• OpenVPN: Security > OpenVPN > Connections
• SINEMA RC: System > SINEMA RC (Page 227)
IPsec
OpenV
SINEMA
The device is "active", in other words, it attempts to
establish a connection to a partner. The partner is
addressed using its configured WAN IP address or
the configured FQDN.
The device is "passive", in other words, it waits for
the partner to initiate the connection.
To Next Page
Loading...
