Enterasys Networks Security Router X-PeditionTM User Manual

XSR VPN Features

XSR User’s Guide 14-19

- Client mode

•

Remote Access application

–

Clients

- Windows XP, 2000 (L2TP); NT 4.0, 98, 98 SE, ME, and CE. PPTP available on all clients

–

L2TP/IPSec protocols

SCEP: Certificate and PKI environment

- MS-CHAP v2, EAP user authentication:

- Username/Password (local database and RADIUS)

- SecurID (third-node plug-in)

- Certificates (embedded/smart cards) – Microsoft only

–

PPTP protocol

- MS-Chap V2, EAP user authentication

- Local Database and RADIUS

- SecurID (third-node plug-in)

- Certificates (embedded/smart cards) – Microsoft only

•

Encryption

–

Advanced Encryption Standard (AES), Triple Data Encryption Standard (3DES), Data
Encryption Standard (DES)

–

3DES acceleration available

•

Data integrity

–

MD5 and SHA-1 algorithms

•

Internet Protocol Security (IPSec)

–

Encapsulating Security Payload (ESP), Authentication Header (AH) and IPComp

–

Tunnel and Transport mode

–

Diffie-Hellman Groups 1, 2 and 5

–

Mode Config for IP address assignment

–

NAT Traversal via UDP encapsulation

•

Public Key Infrastructure (PKI)

–

Microsoft Certificate Authority, Verisign (CA) support

–

Simple Certificate Enrollment Protocol (SCEP)

–

Microsoft Simple Certificate Enrollment Protocol (MSCEP)

–

Chained CA support

–

CRL checking (Hypertext Transfer Protocol [HTTP] and Lightweight Directory Access
Protocol [LDAP])

•

Network Address Translation (NAT) protocol

–

Static NAT

–

NAPT