Specifications
System Description
1-8 Overview
SecurID (third-party plug-in)
Certificates (embedded/smart cards) – Microsoft only
– PPTP protocol
MS-ChapV2, EAP user authentication
Local Database & RADIUS
SecurID (third-party plug-in)
Certificates (embedded/smart cards) – Microsoft only
•Encryption
• Advanced Encryption Standard (AES), Triple Data Encryption Standard (3DES), Data
Encryption Standard (DES)
• 3DES/DES acceleration
• Data Integrity
• MD5 & SHA-1 algorithms
• Internet Protocol Security (IPsec)
• Encapsulating Security Payload (ESP), Authentication Header (AH) & IPComp
• Tunnel & Transport mode
• Diffie-Hellman Groups 1 & 2
• Mode Config for IP address assignment
• NAT Traversal via UDP encapsulation
• Public Key Infrastructure (PKI)
• Microsoft, Verisign Certificate Authority (CA) support
• Simple Certificate Enrollment Protocol (SCEP)
• Chained CA support
• CRL checking (Hypertext Transfer Protocol [HTTP] & Lightweight Directory Access
Protocol (LDAP)
• Network Address Translation (NAT)
• Static NAT, on the interface and port-forwarded static NAT
• PAT (NAPT) by port source and destination address
• Dynamic NAT by source/destination IP address
• Dynamic NAT pool mapping with overload
• PPTP/GRE ALG and arbitrary IP address for NAPT
• Multiple NATs on an interface
• Dynamic Host Configuration Protocol (DHCP)
• DHCP Server
•OSPF over VPN
• DF Bit override