Chapter 21 L2TP VPN
SBG3300-N Series User’s Guide
236
Device. The algorithms in red in Table 104 on page 236 indicate the ones that will be accepted
based on Table 92 on page 214.
After phase 1 tunnel is established, IPSec phase 2 negotiations begin. Table 105 on page 236 lists
the IPSec phase 2 proposals provided by a built-in L2TP client in the popular operating systems.
The first proposal that can be supported by the phase 2 setting in the Default_L2TPVPN IPSec
VPN rule will be accepted by the Device. The algorithms in red in Table 105 on page 236 indicate
the ones that will be accepted based on Table 92 on page 214.
Table 104 Phase 1 IPSec proposals provided by the built-in L2TP client in popular operating systems
(Encryption/Authentication/Key Group)
WINDOWS XP WINDOWS VISTA WINDOWS 7 IOS 5.1 ANDROID 4.1
1 3DES/SHA1/
DH15
3DES/SHA1/
DH15
AES/SHA1/DH15 AES/SHA1/DH2 AES/SHA1/DH2
2 3DES/SHA1/DH2 3DES/SHA1/DH2 3DES/SHA1/
DH15
AES/MD5/DH2 AES/MD5/DH2
3 3DES/MD5/DH2 3DES/SHA1/DH2 3DES/SHA1/DH2 3DES/SHA1/DH2
4 DES/SHA1/DH1 3DES/MD5/DH2 3DES/MD5/DH2
5DES/MD5/DH1 DES/SHA1/DH2
6 DES/MD5/DH2
Table 105 Phase 2 IPSec proposals provided by the built-in L2TP client in popular operating systems (Tunnel
Mode/Encryption/Authentication) [Encapsulation = Transport]
WINDOWS XP WINDOWS VISTA WINDOWS 7 IOS 5.1 ANDROID 4.1
1 ESP/3DES/MD5
ESP/3DES/SHA1
ESP/AES/SHA1 ESP/AES/SHA1 ESP/AES/SHA1
ESP/AES/MD5
ESP/3DES/SHA1
ESP/3DES/MD5
ESP/AES/SHA1
ESP/AES/MD5
ESP/3DES/SHA1
ESP/3DES/MD5
ESP/DES/SHA1
ESP/DES/MD5
2 AH/-/SHA1 and
ESP/3DES/-
ESP/3DES/SHA1 ESP/3DES/SHA1
3AH/-/MD5 and
ESP/3DES/-
AH/-/SHA1 and
ESP/AES/-
ESP/DES/SHA1
4 AH/-/SHA1 and
ESP/3DES/SHA1
AH/-/SHA1 and
ESP/3DES/-
ESP/-/SHA1
5AH/-/MD5 and
ESP/3DES/MD5
AH/-/SHA1 and
ESP/3DES/SHA1
AH/-/SHA1
6ESP/DES/MD5
ESP/DES/SHA1
ESP/-/SHA1
AH/-/SHA1
To Next Page
Loading...
