EasyManua.ls Logo

Siemens SIMATIC NET SCALANCE SC642-2C

Siemens SIMATIC NET SCALANCE SC642-2C
372 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Loading...
Technical basics
3.8 Security functions
SCALANCE SC-600 Web Based Management (WBM)
62 Configuration Manual, 10/2021, C79000-G8976-C475-03
Encryption methods
The following encryption methods are supported. The selection depends on the phase
und the key exchange method (IKE)
Phase 1
Phase 2
IKEv1
IKEv2
IKEv1
IKEv2
3DES
x
x
x
x
AES128 CBC
x
x
x
x
AES192 CBC
x
x
x
x
AES256 CBC
x
x
x
x
AES128 CTR
-
x
x
x
AES192 CTR
-
x
x
x
AES256 CTR
-
x
x
x
AES128 CCM 16
-
x
x
x
AES192 CCM 16
-
x
x
x
AES256 CCM 16
-
x
x
x
AES128 GCM 16
-
x
x
x
AES192 GCM 16
-
x
x
x
AES256 GCM 16
-
x
x
x
x: is supported
-: is not supported
Default Ciphers
During connection establishment a preset list can be transferred to the VPN connection
partners. The list contains combinations of the three algorithms (Encryption,
Authentication, Key Derivation). To establish a VPN connection, the VPN connection
partner must support at least one of these combinations. The combinations depend on
the phase und the key exchange method (IKE).
Combination
Phase 1
Phase 2
Encryption
Authenticati
on
Key derivation
IKEv1
IKEv2
IKEv1
IKEv2
AES128
SHA1
DH Group 14
x
x
x
x
AES256
SHA512
DH Group 16
x
x
x
x
AES128 CCM 16
SHA256
DH Group 14
-
x
x
x
AES256 CCM 16
SHA512
DH Group 16
-
x
x
x
AES128
SHA1
none
-
-
x
x
AES256
SHA512
none
-
-
x
x
AES128 CCM 16
SHA256
none
-
-
x
x
AES256 CCM 16
SHA512
none
-
-
x
x
x: Combination is part of the default cipher
-
: Combination is not part of the default cipher
none: For phase 2, no separate keys are exchanged. This means that Perfect Forward Secrecy (PFS) is disabled.

Table of Contents

Related product manuals