Proxicast

Topics > VPN > FAQ ID # 188

FAQ ID # 188
Last Update : 2009/12/05
Rating : Not Rated
Send FAQ by E-mail
Add to favorites
Print this FAQ

Social Bookmark this Article :


Question / Issue
Does the LAN-Cell 2 support 256-bit AES encryption?

Answer / Solution

The LAN-Cell 2 supports 256-bit AES for Phase 2 IPSec negotiation of VPN tunnels. Phase 1 (IKE) always uses 128-bits if AES is selected.

Note: You cannot select 256-bit AES from the LAN-Cell 2's Web GUI. You must enter the commands below via the Command Line Interface.

1. Use the Web GUI to define all of your VPN settings. Select AES for the Phase 2 (network policy) encryption algorithm.

2. Connect to the LAN-Cell's System Management Terminal (SMT) by either:

a) Telnet or SSH to the LAN-Cell's IP address

b) Use the Blue serial cable connected to the Console port (9600 N 8 1 NoFlowControl) and a terminal program like HyperTerm.

3. Press Enter to get the password prompt, then enter the password for the LAN-Cell (same as the Web GUI)

3. At the text-based SMT screen, select Menu #24, then Menu #8. This will expose a command line mode.

4. Enter the following commands (note: Commands are CASE SENSITIVE)

ipsec ipsecList

This will display a list of the network policies you have defined. Note the index number (first column) of the policy you wish to edit

ipsec ipsecEdit n
where n is the policy index number from above

ipsec ipsecDisplay
This will display the configuration details of the policy so you double check that you have the correct one. Note that the Encryption Key Length is 128.

ipsec ipsecConfig encryKeyLen 2
This will set the AES key length to 256 bits (choices are 0 = 128, 1= 192, 2 = 256)

ipsec ipsecSave
Saves the new settings

ipsec ipsecDisplay n
where n is the policy index

Will display the new ipsec parameters, Note the EncryptionKeyLen is now 256.

Repeat this process for any Network Policies that you want to use AES-256.

When you are finished, enter exit on the command line, then select menu option 99 to exit the SMT.


Related FAQs
What do DH1 and DH2 mean in the Key Group field on the Advanced VPN Rules page?
Tech Note: LAN-Cell VPN Planner

Direct Link to This FAQ
http://www.proxicast.com/AbsoluteFM/?f=188

Tags
aes, advacend encryption standard,256,bit,vpn, tunnel,encrypt
How would you rate this article?

Poor
1
2
3
4
5

Great
Submit

Back to Top