Cisco Cisco Packet Data Gateway (PDG)
• RFC 5996 – Internet Key Exchange Protocol Version 2 (IKEv2)
• Hashed Message Authentication Codes:
◦AES 96
◦MD5
◦SHA1/SHA2
• X.509 Certificate Support – maximum key size = 2048
Non-compliant
Standards
• RFC 3173 – IP Payload Compression Protocol (IPComp)
• RFC 5723 – Internet Key Exchange Protocol Version 2 (IKEv2) Session Resumption
• RFC 5840 – Wrapped Encapsulating Security Payload (ESP) for Traffic Visibility
• RFC 5856 – Integration of Robust Header Compression over IPsec Security Associations
Hashed Message Authentication Codes
• HMAC AES 128 GMAC
• HMAC AES 192 GMAC
• HMAC AES 256 GMAC
Encryption Algorithms
• Diffie Hellman (DH) Group 17
• DH Group 18
• DH Group 19
• DH Group 20
• DH Group 21
• DH Group 24
Certificates
• Digital Signature Algorithm (DSA)
• xAuth
SecGW Administration Guide, StarOS Release 19
14
Security Gateway Overview
Non-compliant