Back

Tunnel options for VPN to GPN connection

A VPN to GPN connection is built upon a tunnel that features a set of specific parameters. Some VPN clients may by default have incompatible options with the servers.com connection.

Please get acquainted with the below table that contains a list of parameters with their values supported by servers.com. While setting up your VPN client, make sure that your configuration meets the available servers.com tunnel options.

Tunnel option

Supported values

Description

IKE versions

ikev1

A version of the Internet Key Exchange (IKE) protocol. The same version must be met on both ends of a VPN tunnel.

Phase 1 Diffie-Hellman (DH) group numbers

Group 2, 5, 14, 15, 16, 17, 18

A Diffie-Hellman (DH) group defines the strength of a key taking part in the process of a key exchange. The higher the group, the stronger the security, but with that comes a longer processing time.

Phase 1 encryption algorithms

AES128, AES256, AES128-GCM-16, AES256-GCM-16

The process for when both members of a VPN tunnel exchange different parameters to come to an agreement is called a VPN negotiation. It consists of two phases:

  • Phase 1: to establish a secure encrypted channel so that both members can negotiate

  • Phase 2: both members come to an agreement called a Security Association that includes negotiated parameters on what traffic goes through the VPN and how to encrypt it

Each phase is featured with encryption and integrity algorithms:

  • Encryption algorithms are needed to protect data. All available algorithms are based on the Advanced Encryption Standard (AES). It's a symmetric algorithm that uses the same key for encryption and decryption

  • Integrity algorithms make sure that data within the packages aren’t changed. This operation is based on calculating a hash value using a Secure Hash Algorithm (SHA)

Phase 2 encryption algorithms

AES128, AES256, AES128-GCM-16, AES256-GCM-16

Phase 1 integrity algorithms

SHA1, SHA2-256, SHA2-384, SHA2-512

Phase 2 integrity algorithms

SHA1, SHA2-384, SHA2-512

Suggested Articles

  • VPN to GPN

    About VPN to Global Private Network (GPN)

  • VPN to GPN

    Creating a VPN gateway and getting credentials