Standards Supported network
Standards
Supported
To support fast, easy, and reliable deployment and
scalability to thousands of remote users and sites, the Cisco VPN 3000
Concentrators are full-featured VPN devices that incorporate IPSec and other
industry standards. The 3000 series support the following standards and
protocols. Any details for configuring these features are covered in Chapter 14.
-
Tunneling Protocols: IPSec, PPTP, L2TP, and L2TP/IPSec
-
Encryption/Authentication: IPSec Encapsulating Security
Payload (ESP) using DES/3DES (56/168 bit) or AES (128, 192, 256 bit) with MD5 or
SHA, MPPE using 40/128 bit RC4
-
Key Management: Internet Key Exchange (IKE) and
Diffie–Hellman (DH) Groups 1, 2, 5, 7 (ECDH)
-
NAT: NAT Transparent IPSec, IPSec/TCP, Ratified IPSec/UDP
(with autodetection and fragmentation avoidance). Ratified IPSec/UDP support for
NAT-T provides autodetection behind a NAT/PAT device, such as a small or home
office router, and adds multivendor interoperability
-
Routing: RIP, RIP2, OSPF, reverse route injection (RRI),
static, automatic endpoint discovery, classless interdomain routing (CIDR)
-
Release 3.6 includes DHCP relay/proxy for customers using
the Cisco VPN 3000 Concentrator as an edge device in wireless configurations
because it removes the need for an additional DHCP server
-
Dynamic Domain Naming System (DNS) population (DDNS/DHCP)
allows administrators to associate a remote access computer with its current IP
address
-
IPSec fragmentation policy control, including support for
Path MTU Discovery (PMTUD)
-
PPPoE Automatic Maximum Transmission Unit (MTU) adjustment
for the network driver interface specification WAN (NDISWAN) during install
improves remote access client operation in PPPoE DSL environments
-
MovianVPN (Certicom) Handheld VPN Client with ECC
167 times read
|
|
|
Did you enjoy this article?
(total 0 votes)
|
Sections
Comments (0 posted)
Syndication
