03/26/2020 5 People found this article helpful 456,128 Views
Which VPN-related RFC's and drafts are supported on SonicWall UTM Appliance?
In the older SonicWall firmware 6.x (GEN2/GEN3), SonicOS 2.x/3.x Standard, and SonicOS 2.x/3.x Enhanced, the following are supported:
RFC Title:
RFC 1825 Security Architecture for the Internet Protocol (obsoleted by RFC 2401)
RFC 1826 IP Authentication Header (obsoleted by RFC 2402)
RFC 1827 IP Encapsulating Security Payload (ESP) (obsoleted by RFC 2406)
RFC 1828 IP Authentication using Keyed MD5
RFC 1829 The ESP DES-CBC Transform
RFC 2085 HMAC-MD5 IP Authentication with Replay Prevention
RFC 2104 HMAC: Keyed-Hashing for Message Authentication
RFC 2401 Security Architecture for the Internet Protocol
RFC 2402 IP Authentication Header
RFC 2403 The Use of HMAC-MD5-96 within ESP and AH
RFC 2404 The Use of HMAC-SHA-1-96 within ESP and AH
RFC 2405 The ESP DES-CBC Cipher Algorithm With Explicit IV
RFC 2406 IP Encapsulating Security Payload (ESP)
RFC 2407 The Internet IP Security Domain of Interpretation for ISAKMP
RFC 2408 Internet Security Association and Key Management Protocol (ISAKMP)
RFC 2409 The Internet Key Exchange (IKE)
RFC 2410 The NULL Encryption Algorithm and Its Use With IPsec
RFC 2411 IP Security Document Roadmap
RFC 2451 The ESP CBC-Mode Cipher Algorithms
RFC 3526 More Modular Exponential (MODP) Diffie-Hellman groups for Internet Key Exchange (IKE)
RFC 3602 The AES-CBC Cipher Algorithm and Its Use with IPsec
RFC 3706 A Traffic-Based Method of Detecting Dead Internet Key Exchange (IKE) Peers (Enhanced only)
RFC 3947 Negotiation of NAT-Traversal in the IKE (Enhanced only)
RFC 4306 Internet Key Exchange (IKEv2) Protocol (Enhanced only)
Internet Drafts
‘Negotiation of Nat-Traversal in the IKE’, drafts 00 (Standard only)
Source: SonicWall IKE / IPSec VPN Implementation FAQs