Software Features
Software Features
The VPN Concentrator incorporates the following virtual private networking software features:
VPN Feature
Management
Interfaces
Tunneling Protocols
Encryption Algorithms
Authentication
Algorithms
Key Management
VPN 3000 Series Concentrator Getting Started
1-4
Description
The VPN Concentrator offers multiple management interfaces. Each interface
provides complete capabilities and can be used to fully configure, administer,
and monitor the device.
•
The VPN Concentrator Manager is an HTML-based interface that lets you
manage the system remotely with a standard web browser using either of
the following:
HTTP connections
–
–
HTTPS (HTTP over SSL) secure connections
•
The VPN Concentrator command-line interface is a menu- and
command-line based interface that you can use with the local system
console or remotely using any of the following:
Telnet connections
–
–
SSHv1 (Secure Shell), including SCP (Secure Copy)
IPSec (IP Security) Protocol
•
Remote access, using Cisco VPN Client or other select IPSec
–
protocol-compliant clients
LAN-to-LAN, between peer VPN Concentrators or between a VPN
–
Concentrator and another IPSec protocol-compliant secure gateway
L2TP over IPSec (for native Windows 2000, Windows NT, and Windows
•
XP client compatibility)
WebVPN (clientless access using an HTTPS web browser)
•
PPTP (Point-to-Point Tunneling Protocol) with encryption
•
L2TP (Layer 2 Tunneling Protocol)
•
•
56-bit DES (Data Encryption Standard)
•
168-bit Triple DES
•
Microsoft Encryption (MPPE): 40-bit and 128-bit RC4
128-bit, 192-bit, and 256-bit AES (Advanced Encryption Standard)
•
MD5 (Message Digest 5)
•
SHA-1 (Secure Hash Algorithm)
•
HMAC (Hashed Message Authentication Coding) with MD5
•
•
HMAC with SHA-1
IKE (Internet Key Exchange), formerly called ISAKMP/Oakley, with
•
Diffie-Hellman key technique
Diffie-Hellman Group 1, Group 2, Group 5, and Group 7 (ECC)
•
Perfect Forward Secrecy (PFS)
•
Chapter 1
Understanding the VPN 3000 Concentrator
78-15733-03