It should be evident which protocols Easy VPN does not support through your knowledge of IPSec and by reading Chapter 8, "Understanding IPSec VPNs on Cisco Routers." If you have read the previous section and do not know the other IPSec protocols, you really need to re-read IPSec Chapter 8. Authentication TypesAn additional authentication method is Digital Signature Standard (DSS).
D-H GroupsThe D-H group identifiers are 1, 2, 5, and 7.
IPSec ProtocolsThe two main IPSec protocols are AH and ESP.
IPSec ModesTransport mode and tunnel mode provide different levels of traffic security. Tunnel mode provides some additional benefits.
Perfect Forward SecrecyThe shared secret key used with symmetrical security algorithm is established during IKE negotiations using the D-H protocol. Through the use of Perfect Forward Secrecy (PFS), the shared secret key can be renegotiated in the IPSec tunnel.
Manual KeysThe three methods you use to authenticate an IPSec peer are preshared keys, RSA signatures, and RSA encrypted nonces. Manual keys are established when you decide to use RSA encrypted nonces for authentication.
|