This section lists all of the functions and properties of LANCOM VPN. This overview will provide a great deal of information for VPN experts. It is very compact, but contains a lot of complex, specialized terminology. Knowledge of the technical basics of VPN are required to understand this section. Don't worry: it's no problem if you skip this section. The information contained here is not required to set up and use LANCOM VPN.
- VPN in accordance with IPSec standard
- VPN tunnel via leased lines, switched connections and IP networks
- IPSec main and aggressive mode
- LANCOM Dynamic VPN: Public IP addresses can be static or dynamic (initiation of a connection towards remote sites with dynamic IP addresses requires ISDN)
- IPSec protocols AH, ESP and IPCOMP in transport and tunnel mode
- Hash
algorithms:
- HMAC-MD5-96, Hash length 128 bit
- HMAC-SHA-1-96, Hash length 160 bit
- Symmetrical encryption methods
- AES, key length 128, 192 and 256 bit
- Triple-DES, key length 168 bit
- Blowfish, key length 128 - 448 bit
- CAST, key length 128 bit
- DES, key length 56 bit
- IKE Config Mode
- IKE key exchange with Preshared Keys
- IKE with RSA signature and digital certificates (X.509)
- Key exchange via Oakley, Diffie-Hellman algorithm with key lengths 768 bit, 1024 bit or 1536 bit, well-known groups 1, 2 and 5
- Key management in accordance with ISAKMP
- Apart from conventional IPSec implementations, LANCOM devices offer extended functionality, such as the LANCOM Dynamic VPN that allows the use of the high-security IKE Main Mode even with dynamic IP addresses.
- In combination with the LANCOM Advanced VPN Client, a separate pre-shared key can be used for each connection even when using IKE Aggressive Mode connections.