Difference between revisions of "IKE Implementation Analysis"
(Added FortiGate link) |
(No difference)
|
Latest revision as of 13:30, 26 January 2008
This section contains details of various vendor's IKE implementations, and how they respond to ike-scan.
This is a useful resource if you are trying to fingerprint an implementation, or if you want to know the idiosyncrasies of a particular vendor's product.
- Check Point Firewall-1 / VPN-1
- Cisco IOS
- Cisco PIX
- Cisco VPN Concentrator 3000
- FortiGate
- FreeS/WAN
- IBM AIX
- Juniper NetScreen
- Linksys Etherfast DSL/Cable VPN router
- Microsoft Windows
- Nortel VPN Router
- Novell BorderManager
- OpenBSD isakmpd
- OpenSwan
- KAME IPsec Tools (racoon)
- racoon2
- strongSwan
- Sun Solaris
- Symantec Raptor Firewall
The following general points apply to the implementation details shown above:
- The details shown only apply to IKE Phase-1;
- The details apply to remote access VPNs unless otherwise noted; and
- The system under test is acting as a responder, with ike-scan as the initiator.
