Reference Standards and Protocols

The following standards and protocols are associated with VPN:

  • RFC 2403: The Use of HMAC-MD5-96 within ESP and AH

  • RFC 2404: The Use of HMAC-SHA-1-96 within ESP and AH

  • RFC 2409: The Internet Key Exchange (IKE)

  • RFC 2451: The ESP CBC-Mode Cipher Algorithms

  • RFC 3526: More Modular Exponential (MODP) Diffie-Hellman groups for Internet Key Exchange (IKE)

  • RFC 3566: The AES-XCBC-MAC-96 Algorithm and Its Use With IPsec

  • RFC 3602: The AES-CBC Cipher Algorithm and Its Use with IPsec

  • RFC 3664: The AES-XCBC-PRF-128 Algorithm for the Internet Key Exchange Protocol (IKE)

  • RFC 4106: The Use of Galois/Counter Mode (GCM) in IPsec Encapsulating Security Payload (ESP)

  • RFC 4109: Algorithms for Internet Key Exchange version 1 (IKEv1)

  • RFC 4434: The AES-XCBC-PRF-128 Algorithm for the Internet Key Exchange Protocol (IKE)

  • RFC 4868: Using HMAC-SHA-256, HMAC-SHA-384, and HMAC-SHA-512 with IPsec

  • RFC 4301: Security Architecture for the Internet Protocol

  • RFC 4302: IP Authentication Header

  • RFC 4303: IP Encapsulating Security Payload (ESP)

  • RFC 4305: Cryptographic Algorithm Implementation Requirements for Encapsulating Security Payload (ESP) and Authentication Header (AH)

  • RFC 4306: Internet Key Exchange (IKEv2)Protocol

  • RFC 4307: Cryptographic Algorithms for Use in the Internet Key Exchange Version 2 (IKEv2)

  • RFC 4308: Cryptographic Suites for IPsec

  • RFC 5282: Using Authenticated Encryption Algorithms with the Encrypted Payload of the Internet Key Exchange version 2 (IKEv2) Protocol

  • RFC 6989: Additional Diffie-Hellman Tests for the Internet Key Exchange Protocol Version 2 (IKEv2)

  • RFC 7296: Internet Key Exchange Protocol Version 2 (IKEv2)

  • RFC 7321: Cryptographic Algorithm Implementation Requirements and Usage Guidance for Encapsulating Security Payload (ESP) and Authentication Header (AH)

  • RFC 8247: Algorithm Implementation Requirements and Usage Guidance for the Internet Key Exchange Protocol Version 2 (IKEv2)

  • RFC 3947: Negotiation of NAT-Traversal in the IKE

  • RFC 3948: UDP Encapsulation of IPsec ESP Packets

  • RFC 3706: A Traffic-Based Method of Detecting Dead Internet Key Exchange (IKE) Peers

  • RFC 4271: A Border Gateway Protocol 4 (BGP-4)