| Product | ZASTAVA TestServer (build 0493 22 July 2020) | |
| Test server IP address | 82.138.51.230 | |
| Test server IKE ports | udp:500, udp:4500, tcp:4500 | |
| Internal IP addresses to test connection | 10.0.0.1
(ping) 10.0.0.2 (ping, http) |
|
| Supported features | ||
| IKEv1 (*) | RFC 2409 | |
| IKEv2 | RFC 7296 | |
| IKEv2 MOBIKE | RFC 4555 | |
| IKE and IKEv2 Authentication Using the Elliptic Curve Digital Signature Algorithm (ECDSA) | RFC 4754 | |
| IKEv2 Redirect (*) | RFC 5685 | |
| IKEv2 Session Resumption | RFC 5723 | |
| IKEv2 Childless IKE SA | RFC 6023 | |
| IKEv2 Quick Crash Detection | RFC 6290 | |
| IKEv2 High Availability Cluster (**) | RFC 6311 | |
| IKEv2 Fragmentation | RFC 7383 | |
| IKEv2 Signature Authentication | RFC 7427 | |
| IKEv2 NULL Authentication | RFC 7619 | |
| IKEv2 Clone IKE SA | RFC 7791 | |
| IKEv2 Puzzles (*) | RFC 8019 | |
| Curve25519 and Curve448 for the IKEv2 Key Agreement | RFC 8031 | |
| IKEv2 and ESP over TCP | RFC 8229 | |
| IKEv2 Split DNS | RFC 8598 | |
| Mixing Preshared Keys in IKEv2 for Post-quantum Security | RFC 8784 | |
| Alternative Approach for Mixing Preshared Keys in IKEv2 for Post-quantum Security | draft-smyslov-ipsecme-ikev2-qr-alt-01 | |
| Intermediate Exchange in IKEv2 | draft-ietf-ipsecme-ikev2-intermediate-03 | |
| Multiple Key Exchanges in IKEv2 | draft-ietf-ipsecme-ikev2-multiple-ke-01 | |
| GOST ciphers in ESP and IKEv2 | draft-smyslov-esp-gost-03 | |
| Using GOST algorithms in IKEv2 | draft-smyslov-ike2-gost-03 | |
| Testing configuration details | ||
| IKE Algorithms | CIPHER | ENCR_AES_GCM_16 (256 bit) ENCR_AES_GCM_8 (256 bit) ENCR_AES_CBC ENCR_KUZNYECHIK_MGM_KTREE ENCR_MAGMA_MGM_KTREE |
| PRF | SHA2_256-HMAC PRF_HMAC_STRIBOG_512 |
|
| AUTH | AUTH_HMAC_SHA2_256_128 | |
| KE | X25519 X448 MODP_2048 MODP_3072 MODP_4096 MODP_1536 GOST3410_2012_256 GOST3410_2012_512 |
|
| IKE Algorithms (draft-ietf-ipsecme-ikev2-multiple-ke-00) | AKE1 | MODP_1536 MODP_3072 MODP_4096 MODP_2048 X25519 X448 |
| AKE3 | MODP_2048 MODP_3072 MODP_4096 MODP_1536 MODP_1024 NONE |
|
| AKE2, AKE4-AKE7 | NONE | |
| ESP Algorithms | CIPHER | ENCR_AES_GCM_16 (256 bit) ENCR_AES_GCM_8 (256 bit) ENCR_AES_CBC ENCR_KUZNYECHIK_MGM_KTREE ENCR_MAGMA_MGM_KTREE ENCR_KUZNYECHIK_MGM_MAC_KTREE ENCR_MAGMA_MGM_MAC_KTREE |
| AUTH | AUTH_HMAC_SHA2_256_128 | |
| Authentication methods | Signature, PSK | |
| PSK | "SecretPSK" | |
| IDr | IP4: 82.138.51.230 | |
| RFC 8784 | ||
| PPK | "NotQuantumSafe" | |
| PPK ID | PPK_ID_FIXED:"PPKID1" | |
| draft-ietf-ipsecme-ikev2-multiple-ke-01 | ||
| Temporary code points | Additional Key Exchange 1 Additional Key Exchange 2 Additional Key Exchange 3 Additional Key Exchange 4 Additional Key Exchange 5 Additional Key Exchange 6 Additional Key Exchange 7 STATE_NOT_FOUND ADDITIONAL_KEY_EXCHANGE |
= 6 = 7 = 8 = 9 = 10 = 11 = 12 = 10100 = 50205 |