Specifications
1-4
VPN 3000 Series Concentrator Getting Started
78-15733-03
Chapter 1 Understanding the VPN 3000 Concentrator
Software Features
Software Features
The VPN Concentrator incorporates the following virtual private networking software features:
VPN Feature Description
Management
Interfaces
The VPN Concentrator offers multiple management interfaces. Each interface
provides complete capabilities and can be used to fully configure, administer,
and monitor the device.
• The VPN Concentrator Manager is an HTML-based interface that lets you
manage the system remotely with a standard web browser using either of
the following:
–
HTTP connections
–
HTTPS (HTTP over SSL) secure connections
• The VPN Concentrator command-line interface is a menu- and
command-line based interface that you can use with the local system
console or remotely using any of the following:
–
Telnet connections
–
SSHv1 (Secure Shell), including SCP (Secure Copy)
Tunneling Protocols
• IPSec (IP Security) Protocol
–
Remote access, using Cisco VPN Client or other select IPSec
protocol-compliant clients
–
LAN-to-LAN, between peer VPN Concentrators or between a VPN
Concentrator and another IPSec protocol-compliant secure gateway
• L2TP over IPSec (for native Windows 2000, Windows NT, and Windows
XP client compatibility)
• WebVPN (clientless access using an HTTPS web browser)
• PPTP (Point-to-Point Tunneling Protocol) with encryption
• L2TP (Layer 2 Tunneling Protocol)
Encryption Algorithms
• 56-bit DES (Data Encryption Standard)
• 168-bit Triple DES
• Microsoft Encryption (MPPE): 40-bit and 128-bit RC4
• 128-bit, 192-bit, and 256-bit AES (Advanced Encryption Standard)
Authentication
Algorithms
• MD5 (Message Digest 5)
• SHA-1 (Secure Hash Algorithm)
• HMAC (Hashed Message Authentication Coding) with MD5
• HMAC with SHA-1
Key Management
• IKE (Internet Key Exchange), formerly called ISAKMP/Oakley, with
Diffie-Hellman key technique
• Diffie-Hellman Group 1, Group 2, Group 5, and Group 7 (ECC)
• Perfect Forward Secrecy (PFS)