|FAQ ID # 188|
|Last Update : 2009/12/05
Rating : Not Rated
Send FAQ by E-mail
Add to favorites
Print this FAQ
Social Bookmark this Article :
|Question / Issue|
|Does the LAN-Cell 2 support 256-bit AES encryption?|
|Answer / Solution|
The LAN-Cell 2 supports 256-bit AES for Phase 2 IPSec negotiation of VPN tunnels. Phase 1 (IKE) always uses 128-bits if AES is selected.
Note: You cannot select 256-bit AES from the LAN-Cell 2's Web GUI. You must enter the commands below via the Command Line Interface.
1. Use the Web GUI to define all of your VPN settings. Select AES for the Phase 2 (network policy) encryption algorithm.
2. Connect to the LAN-Cell's System Management Terminal (SMT) by either:
3. Press Enter to get the password prompt, then enter the password for the LAN-Cell (same as the Web GUI)
3. At the text-based SMT screen, select Menu #24, then Menu #8. This will expose a command line mode.
4. Enter the following commands (note: Commands are CASE SENSITIVE)
This will display a list of the network policies you have defined. Note the index number (first column) of the policy you wish to edit
ipsec ipsecEdit n
ipsec ipsecConfig encryKeyLen 2
ipsec ipsecDisplay n
Will display the new ipsec parameters, Note the EncryptionKeyLen is now 256.
Repeat this process for any Network Policies that you want to use AES-256.
When you are finished, enter exit on the command line, then select menu option 99 to exit the SMT.
|What do DH1 and DH2 mean in the Key Group field on the Advanced VPN Rules page?|
|Tech Note: LAN-Cell VPN Planner|
|Direct Link to This FAQ|
|aes, advacend encryption standard,256,bit,vpn, tunnel,encrypt|