Field
Description
message hash algorithms for IKE phase 1 on your device. The
combination of six encryption algorithms and four message
hash algorithms gives 24 possible values in this field. At least
one proposal must exist. Therefore the first line of the table can-
not be deactivated.
Encryption algorithms (
Encryption
):
•
'3-
(default value): 3DES is an extension of the DES al-
gorithm with an effective key length of 112 bits, which is rated
as secure. It is the slowest algorithm currently supported.
•
+ &
: Twofish was a final candidate for the AES
(Advanced Encryption Standard). It is rated as just as secure
as Rijndael (AES), but is slower.
•
</ &
: Blowfish is a very secure and fast algorithm.
Twofish can be regarded as the successor to Blowfish.
•
61-+
: CAST is also a very secure algorithm, marginally
slower than Blowfish, but faster than 3DES.
•
3-
: DES is an older encryption algorithm, which is rated as
weak due to its small effective length of 56 bits.
•
1-
: Rijndael has been nominated as AES due to its fast key
setup, low memory requirements, high level of security
against attacks and general speed.
•
1-!
: Rijndael has been nominated as AES due to its
fast key setup, low memory requirements, high level of secur-
ity against attacks and general speed. Here, it is used with a
key length of 128 bits.
•
1-!
: Rijndael has been nominated as AES due to its
fast key setup, low memory requirements, high level of secur-
ity against attacks and general speed. Here, it is used with a
key length of 192 bits.
•
1-!
: Rijndael has been nominated as AES due to its
fast key setup, low memory requirements, high level of secur-
ity against attacks and general speed. Here, it is used with a
key length of 256 bits.
Hash algorithms (
Authentication
):
•
(3
(default value): MD 5 (Message Digest #5) is an older
hash algorithm. It is used with a 96 bit digest length for IPSec.
•
-81
: SHA1 (Secure Hash Algorithm #1) is a hash algorithm
Funkwerk Enterprise Communications GmbH
18 VPN
R1xxx/R3xxx/R4xxx
291