What client proposals does SonicWall offer for IPSec and L2TP?

Description

To successfully establish a VPN tunnel the L2TP/GVC (VPN) clients and the Remote VPN device must agree upon the same set of Proposals/Transform Payloads (differs from client to client), please refer the following table for complete details:  

List of IPSec and L2TP client proposals:

Supported Common Configuration which will work with all clients

Operating SystemPhase 1 ProposalPhase 2 Proposal
Windows 7PreShared/3-DES/SHA1/Group2ESP/3-DES/HMAC-SHA1
Windows VistaPreShared/3-DES/SHA1/Group2ESP/3-DES/HMAC-SHA1
Windows XPPreShared/3-DES/SHA1/Group2ESP/3-DES/HMAC-SHA1
iOs3.x (iPhone 3G/3GS/ iPad)PreShared/3-DES/SHA1/Group2ESP/3-DES/HMAC-SHA1
iOs4.x (iPhobe4/3GS)PreShared/3-DES/SHA1/Group2ESP/3-DES/HMAC-SHA1
SonicWall VPN Client (GVC)PreShared/3-DES/SHA1/Group2ESP/3-DES/HMAC-SHA1

 

Supported SonicOS configuration for individual clients which may provide Highest possible security Algorithim , but may not work with other clients

Operating SystemPhase 1 ProposalPhase 2 Proposal
Windows 7PreShared/3-DES/SHA1/Group2ESP/AES-128/HMAC-SHA1
Windows VistaPreShared/3-DES/SHA1/Group2ESP/AES-128/HMAC-SHA1
Windows XPPreShared/3-DES/SHA1/Group2ESP/3-DES/HMAC-SHA1
iOs3.x (iPhone 3G/3GS/ iPad)PreShared/3-DES/SHA1/Group2ESP/AES-128/HMAC-SHA1
iOs4.x (iPhobe4/3GS)PreShared/AES-256/SHA1/Group2ESP/AES-256/HMAC-SHA1
SonicWall VPN Client (GVC)PreShared/AES-256/SHA1/Group5ESP/AES-256/HMAC-SHA1

 

Detailed Chart of VPN Proposals and Transforms:

 Windows 7Windows VistaWindows XPiOs3.x (iPhone 3G/3GS/ iPad)iOs4.x (iPhobe4/3GS)SonicWall VPN Client (GVC)
Phase 1 Configuration      
Proposal #1      
 Number Of Transforms 5Number Of Transforms 4Number Of Transforms 5Number Of Transforms 1Number Of Transforms 6Number of Transform 32
       
 PreShared/AES-256/SHA1/Group20PreShared/AES-128/SHA1/Group19PreShared/3-DES/SHA1/Group14 PreShared/AES-256/SHA1/Group2GVC send proposal of various combination using Pre-shared, (AES-256, AES-192,AES-128, 3-DES, DES) , (SHA1,MD5), (Group 1, Group2, Group 5)
 PreShared/AES-128/SHA1/Group19PreShared/AES-256/SHA1/Group14PreShared/3-DES/MD5/Group2 PreShared/AES-256/MD5/Group2
 PreShared/AES-256/SHA1/Group14PreShared/3-DES/SHA1/Group14PreShared/3-DES/SHA1/Group1 PreShared/AES-128/SHA1/Group2
 PreShared/3-DES/SHA1/Group14 PreShared/3-DES/MD5/Group1 PreShared/AES-128/MD5/Group2
     PreShared/3-DES/MD5/Group2
 PreShared/3-DES/SHA1/Group2PreShared/3-DES/SHA1/Group2PreShared/3-DES/SHA1/Group2PreShared/3-DES/SHA1/Group2PreShared/3-DES/SHA1/Group2PreShared/3-DES/SHA1/Group2
       
       

 

Related Articles

  • TOTP based two-factor authentication for management by Admin user using SonicOS API
    Read More
  • Two-factor authentication using TOTP for Management by User with admin privileges
    Read More
  • How do I configure Two-factor authentication for the Admin login with TOTP?
    Read More

Categories

Firewalls
TZ Series
Firewalls
NSa Series
not finding your answers?
Ask the Community
was this article helpful?
YesNo