Encryption on LAN-to-LAN VPNs

Home Page Forums Network Management ZeroShell Encryption on LAN-to-LAN VPNs

This topic contains 0 replies, has 0 voices, and was last updated by  redtdi 10 years, 8 months ago.

Viewing 2 posts - 1 through 2 (of 2 total)
  • Author
    Posts
  • #41353

    redtdi
    Member

    Hello:

    What kind of encryption is used when I select “Encryption” on a LAN-to-LAN VPN? I have a customer who wants to know what we are using.

    Thanks,
    Ken

    #47267

    imported_fulvio
    Participant

    I do not know what is the default encryption used by OpenVPN to encrypt the data. In any case you can see the supported cipher with the command:

    openvpn –show-ciphers

    The following ciphers and cipher modes are available
    for use with OpenVPN. Each cipher shown below may be
    used as a parameter to the –cipher option. The default
    key size is shown as well as whether or not it can be
    changed with the –keysize directive. Using a CBC mode
    is recommended.

    DES-CBC 64 bit default key (fixed)
    IDEA-CBC 128 bit default key (fixed)
    RC2-CBC 128 bit default key (variable)
    DES-EDE-CBC 128 bit default key (fixed)
    DES-EDE3-CBC 192 bit default key (fixed)
    DESX-CBC 192 bit default key (fixed)
    BF-CBC 128 bit default key (variable)
    RC2-40-CBC 40 bit default key (variable)
    CAST5-CBC 128 bit default key (variable)
    RC2-64-CBC 64 bit default key (variable)
    AES-128-CBC 128 bit default key (fixed)
    AES-192-CBC 192 bit default key (fixed)
    AES-256-CBC 256 bit default key (fixed)

    After that, you could, for example, force the use of AES256 with the switch

    –cipher AES-256-CBC

    in the parameter field in both the VPN peers.

    Regards
    Fulvio

Viewing 2 posts - 1 through 2 (of 2 total)

You must be logged in to reply to this topic.