- Enterasys Security Router User's Guide
XSR VPN Features
XSR User’s Guide 14-19
- Client mode
• Remote Access application
–Clients
- Windows XP, 2000 (L2TP); NT 4.0, 98, 98 SE, ME, and CE. PPTP available on all clients
– L2TP/IPSec protocols
SCEP: Certificate and PKI environment
- MS-CHAP v2, EAP user authentication:
- Username/Password (local database and RADIUS)
- SecurID (third-node plug-in)
- Certificates (embedded/smart cards) – Microsoft only
– PPTP protocol
- MS-Chap V2, EAP user authentication
- Local Database and RADIUS
- SecurID (third-node plug-in)
- Certificates (embedded/smart cards) – Microsoft only
•Encryption
– Advanced Encryption Standard (AES), Triple Data Encryption Standard (3DES), Data
Encryption Standard (DES)
– 3DES acceleration available
• Data integrity
– MD5 and SHA-1 algorithms
• Internet Protocol Security (IPSec)
– Encapsulating Security Payload (ESP), Authentication Header (AH) and IPComp
– Tunnel and Transport mode
– Diffie-Hellman Groups 1, 2 and 5
– Mode Config for IP address assignment
– NAT Traversal via UDP encapsulation
• Public Key Infrastructure (PKI)
– Microsoft Certificate Authority, Verisign (CA) support
– Simple Certificate Enrollment Protocol (SCEP)
– Microsoft Simple Certificate Enrollment Protocol (MSCEP)
–Chained CA support
– CRL checking (Hypertext Transfer Protocol [HTTP] and Lightweight Directory Access
Protocol [LDAP])
• Network Address Translation (NAT) protocol
–Static NAT
–NAPT