This section lists all of the functions and properties of the LCOS VPN module. Experts of the VPN sector are offered a highly compressed summary of the performance of the function. Understanding the terminology requires a sound knowledge of the technical fundamentals of VPN. However, for commissioning and normal operation of the VPN, this information is non-essential.
- VPN tunnel via leased lines, switched connections and IP networks
- LANCOMDynamic VPN: Public IP addresses can be static or dynamic (establishing a connection with remote sites using dynamic IP addresses requires ISDN)
- VPN in accordance with IPSec standard
- IPSec in tunnel mode
- Hash algorithms:
- HMAC-MD5-96, hash length 128 bits
- HMAC-SHA-1-96, hash length 160 bits
- HMAC-SHA-1-256, hash length 256 bits
- HMAC-SHA-1-384, hash length 384 bits
- HMAC-SHA-1-512, hash length 512 bits
- Key management as per ISAKMP (IKEv1, IKEv2)
- Symmetrical encryption methods
- AES, key lengths of 128, 192 and 256 bits
- Triple-DES (3DES), key length 168 bit
- Blowfish, key length 128 - 448 bits
- CAST, key length 128 bits
- DES, key length 56 bits
- IKEv1 main and aggressive mode
- IKEv1 / IKEv2 config mode
- IKEv1 with pre-shared keys and IKEv2
- IKEv1 and IKEv2 with RSA signature and digital certificates (X.509)
- Key exchange via Oakley, Diffie-Hellman algorithm with the following DH groups:
- DH-1 (768-bit modulus)
- DH-2 (1024-bit modulus)
- DH-5 (1536-bit modulus)
- DH-14 (2048-bit modulus)
- DH-15 (3072-bit modulus)
- DH-16 (4096-bit modulus)
- DH-19 (256-bit random ECP group)
- DH-20 (384-bit random ECP group)
- DH-21 (521-bit random ECP group)
- DH-28 (brainpoolP256r1)
- DH-29 (brainpoolP384r1)
- DH-30 (brainpoolP512r1)
