Jordi, The document addendum310.pdf is an addendum to the 3.1.0 User's Guide, (which applies to version 3.1.x). In versions prior to 3.1.3 the system software was limited due to export regulations. In version 3.1.3 (Feb 2001) release notes there is an item that says strong encryption has been added.
In the 3.2.0 User's Guide page 333 under the section "Encryption Methods" there is a sub-section title "Supported Encryption Methods", each encryption algorithm is described including the bit strength. From that section: None This selection indicates that no encryption will be used, (i.e. no ESP transformation). If None is selected for ESP then an authentication method must be selected which is used to define the AH transformation. Null No key and no encryption, only IP encapsulation. This method does not provide any encryption however it will encapsulate any IP packet. This is useful when application protocols that are not supported by the GNAT Box system are desired to be used between two sites, (e.g. MS Netmeeting). AES 128 bits. In Manual Key exchange a key size of 16 ASCII chars or 32 Hex characters should be used. Blowfish 40 to 448 bits. When using Manual Key exchange method, the length must be between 5-56 ASCII characters or 10-112 Hex characters. CAST128 40 to 128 bits. When using Manual Key VPN, the key length 5-16 ASCII characters or 10-32 Hex characters. DES 64 bits. When using Manual Key VPN, the key length must be ASCII 8 characters or 16 Hex characters. Note: often DES is referred to as 56 bits as one bit of each byte is used as a parity bit. 3DES 192 bits. When using Manual Key VPN, the key length must be 24 ASCII characters or 48 Hex characters. Note: often 3DES is referred to as 168 bits as one bit of each byte is used as a parity bit. Twofish 40 to 256 bits. When using Manual Key VPN the key length must be from 5 to 32 ASCII characters or 10-64 Hex characters. Strong Only available when using IKE. This indicates that the GNAT Box VPN will accept any of the encryption methods other than None or Null. Paul >Thanks for the answer. Where can I found the updated documentation >?. I've downloaded the User Manuals from your web site, and the last >version is 3.2 (document name gb320ug.pdf) and the addendum >(addendum310.pdf). On these documents, it is clearly stated that the >encryption algorithms are limited to 64 bits (page 136 on >gb320ug.pdf, "Note: Remember that the variable length encryption >methods (Blowfish and Cast128) are limited to 24 bits" > >Jordi -- ---------------------------------------------------------------------------- Paul Emerson Tel: +1.407.380.0220 x1106 Global Technology Associates, Inc. Fax: +1.407.380.6080 3505 Lake Lynda Drive Mobile: +1.407.310.8563 Suite 109 Email: [EMAIL PROTECTED] Orlando, Florida 32817 USA Web: http://www.gta.com Mobile Email: [EMAIL PROTECTED] ----------------------------------------------------------------------------
