Logo ID | 02-CS-000469 |
---|---|
Approved Date | 2011/03/01 |
Application ID | US-2-S-20101222-000147 |
Applied Date | 2010/12/22 |
Usage Agreement | Agreed |
OEM Licensor's Logo ID | - |
Note | - |
Target Information | ||
---|---|---|
Test Category | IPsec | |
Vendor Name | SonicWALL | |
Country | US | |
Product Name | NSA Series | |
Product Version | SonicOS 5.5 | |
Product Classification | SGW | |
Product Description | With advanced routing, stateful high-availability and high-speed VPN technology, the NSA Series provides security, reliability, functionality and productivity for branch offices, central sites and distributed mid-enterprise networks, while minimizing cost and complexity. | |
Vendor's Note |
In 5.2.11 Interoperability test, when FreeBSD sends Echo Request with ESP, it sends only one piece of the first fragmented Echo Reqeust with ESP When the interface is brought down and up, so the first ping packet is always lost. |
|
Test Information | Test Specification | 1.10.0 |
Interoperability Test Scneario | 1.10.0 | |
Information for Series of Product |
|
|
IPv6 Core Protocols Logo ID | 02-C-000469 |
Interoperable Devices |
Tunnel | SGW | |
---|---|---|---|
1 | Vendor Name | Red Hat, Inc. | |
Device Name | Fedora | ||
Version | 9 | ||
2 | Vendor Name | The FreeBSD Foundation | |
Device Name | FreeBSD | ||
Version | 8.1-release | ||
Target supporting Advanced Functions |
Mode | o Tunnel | |
ESP Algorithms |
- AES256/SHA512
- NULL/AESXCBC - AESCCM - CHACHA |
||
IKEv2 Algorithms: | IKE SA INIT |
- CHACHA
- AESGCM - AESCCM - SHA512 - AESXCBC - DH19 |
|
IKE AUTH: |
- CHACHA
- AESCCM - SHA512 - AESXCBC |
||
IKEv2 Features: | Invalid KE Payload: |
- IKE SA INIT exchage with N(invalid KE payload)
- IKE SA INIT exchange cookie and invalid KE |
|
Rekeying: |
- IKE SA
- IPsec SA |
||
IPsec v3 features |
o Support of ICMP message type/code
o Ping6 is implemented o Dummy Packet (No Next Header) handling - TFC Padding (Transport Mode) - TFC Padding (Tunnel Mode) |