What type of IPsec tunnel is supported by VNS3?


VNS3 has successfully negotiated IPsec tunnels with all leading extranet hardware devices actively supported by the vendor (and some that are out of life and out of support).

VNS3 can connect to any IPsec device that supports the following:

  • Policy-based IPsec VPN
  • Main Mode
  • IKE Version - IKEv1 or IKEv2
  • Encryption Algorithms - AES256, AES128, or 3DES
  • Hashing - SHA1, MD5, or SHA256
  • Diffie-Hellman Groups - DH2, DH5, DH14
  • NAT-Traversal Encapsulation standard support required for clouds that don't allow Native IPsec connections (e.g. AWS Generic EC2 and Microsoft Azure)

Preferred  Most models from Cisco Systems*, Juniper, Watchguard, Dell SONICWALL, Netgear, Fortinet, Barracuda Networks, Check Point*, Zyxel USA, McAfee Retail, Citrix Systems, Hewlett Packard, D-Link, WatchGuard, Palo Alto Networks, OpenSwan, pfSense, and Vyatta.

*Known Exclusions  Checkpoint R65+ requires native IPSec connections as Checkpoint does not conform to NAT-Traversal Standards and Cisco ASA 8.4(2)-8.4(4) bugs prevent a stable connection from being maintained.


Watch the video on YouTube: https://youtu.be/Wt0D8RzPz1E

Have more questions? Submit a request