Field Description
-* , a key length of 128 bits is used.
• -*: Rijndael has been nominated as AES due to its
fast key setup, low memory requirements, high level of secur-
ity against attacks and general speed. Here, it is used with a
key length of 128 bits.
• -*: Rijndael has been nominated as AES due to its
fast key setup, low memory requirements, high level of secur-
ity against attacks and general speed. Here, it is used with a
key length of 192 bits.
• -*: Rijndael has been nominated as AES due to its
fast key setup, low memory requirements, high level of secur-
ity against attacks and general speed. Here, it is used with a
key length of 256 bits.
• (1!#: Twofish was a final candidate for the AES
(Advanced Encryption Standard). It is rated as just as secure
as Rijndael (AES), but is slower.
• =,1!#: Blowfish is a very secure and fast algorithm.
Twofish can be regarded as the successor to Blowfish.
• 2-*(: CAST is also a very secure algorithm, marginally
slower than Blowfish, but faster than 3DES.
• .*: DES is an older encryption algorithm, which is rated as
weak due to its small effective length of 56 bits.
Hash algorithms (Authentication):
• %. (default value): MD5 (Message Digest #5) is an older
hash algorithm. It is used with a 96 bit digest length for IPSec.
• -// : All options can be used.
• *?-: SHA1 (Secure Hash Algorithm #1) is a hash algorithm
developed by NSA (United States National Security Associ-
ation). It is rated as secure, but is slower than MD5. It is used
with a 96 bit digest length for IPSec.
Note that RipeMD 160 and Tiger 192 are not available for mes-
sage hashing in phase 2.
Use PFS Group As PFS (Perfect Forward Secrecy) requires another Diffie-
Hellman key calculation to create new encryption material, you
must select the exponentiation features. If you enable PFS (
,), the options are the same as for the configuration of
DH Group in the VPN->IPSec->Phase-1 Profiles menu. PFS is
Teldat GmbH
18 VPN
bintec Rxxx2/RTxxx2 351
To Next Page
Loading...
Need help?
General
