LANCOM devices are capable of operating VPN with IKEv1 and IKEv2.
IKEv2 facilitates a fast and secure establishment of VPN tunnels. For the first time it is now possible to operate encrypted networking between IPv6-based sites and IPv4-based sites by means of the mixed mode.
Manually configuring a VPN connection that uses IKEv1 is complex and error prone. Consequently, many IPSec implementations have incompatible configurations, which causes the VPN connections between the devices to fail. The IKEv2 configuration in LCOS gives administrators a reliable method of setting up a configuration that matches that of the remote station. For example, administrators have a choice of several Diffie-Hellman groups. At the same time, the revised user interface presents recommended default values for many of the configuration parameters. The simplified configuration with IKEv2 eliminates sources of error, which results in a lower administrative overhead. Further, VPN connection establishment with IKEv2 offers better performance, because IKEv2 only exchanges 4 packets when negotiating a VPN tunnel (one REQUEST per VPN partner and one REPLY), rather than the 6 required by IKEv1 in the "aggressive/quick mode" or 12 in "main mode". The standard of security is just as high with IKEv2 as with IKEv1.
Operating IKEv2 supports RFC 7296, RFC 7427 and, in the IKEv2 client mode, RFC 5685.