INSIDE Secure
Previous Next Up [Front page] [Index]
    About This Document>>
    Implementation >>
    User Interface >>
        Securing the Key Store
        GUI Elements
        Connecting
        Configuring Connections >>
            Basic Connection Options
            IPsec Connection Types
            Advanced Connection Options
            Custom Algorithms
        VPN Client Menu >>

Custom Algorithms

If the Algorithm suite selection has be set to Custom (see Advanced Connection Options), the following additional connection configuration choices are displayed:

  • IKE encryption algorithms: The available options depend on the which IKE version is used. The following encryption algorithms are available:
    • AES-CBC 128
    • AES-CBC 192
    • AES-CBC 256
    • 3DES
    • AES-GCM 128 (IKEv2 only)
    • AES-GCM 192 (IKEv2 only)
    • AES-GCM 256 (IKEv2 only)
    • AES-CTR 128 (IKEv2 only)
    • AES-CTR 192 (IKEv2 only)
    • AES-CTR 256 (IKEv2 only)
  • IKE integrity algorithms: Choose which algorithm is used for integrity operations for IKE traffic. The selected algorithm is generally used both for pseudo-random function (PRF) and integrity functionality. The exception is when IKEv2 is used with AES-GCM. In that case the selected function is used only for PRF functionality, and AES-GCM is used as the integrity algorithm. The available options depend on the which IKE version is used. The following integrity algorithms are available:
    • SHA-1
    • MD5
    • SHA-256
    • SHA-384
    • SHA-512
    • AES-XCBC (IKEv2 only)
  • IKE groups: The following selections are available:
    • Group 1 (MODP-768)
    • Group 2 (MODP-1024)
    • Group 5 (MODP-1536)
    • Group 14 (MODP-2048)
    • Group 15 (MODP-3072)
    • Group 16 (MODP-4096)
    • Group 17 (MODP-6144)
    • Group 18 (MODP-8192)
    • Group 19 (ECP-256)
    • Group 20 (ECP-384)
    • Group 21 (ECP-521)
    • Group 22 (MODP-1024-160)
    • Group 23 (MODP-2048-224)
    • Group 24 (MODP-2048-256)
    • Group 25 (ECP-192)
    • Group 26 (ECP-224)
  • IPsec encryption algorithms: The following algorithms are available:
    • AES-CBC 128
    • AES-CBC 192
    • AES-CBC 256
    • 3DES
    • AES-GCM 128
    • AES-GCM 192
    • AES-GCM 256
    • AES-CTR 128
    • AES-CTR 192
    • AES-CTR 256
    Note: If an AES-GCM algorithm is selected as IPsec encryption algorithm, IPsec integrity algorithm is automatically set as none.
  • IPsec integrity algorithms: The following selections are available:
    • SHA1
    • MD5
    • SHA-256
    • SHA-384
    • SHA-512
    • AES-XCBC
    Note: If an AES-GCM algorithm is selected as IPsec encryption algorithm, IPsec integrity algorithm is automatically set as none.

Previous Next Up [Front page] [Index]

Copyright © 2013 INSIDE Secure Oy
All rights reserved.
Copyright Notice