As part of the continuous enhancement of our security standards, SwyxON supports the following modern VPN cipher suites by default:
- AES256GCM-PRFSHA384
- AES256GCM-PRFSHA256
These comply with the current and more stringent requirements of the BSI and remain our recommended configuration for VPN connectivity.
At the request of many of our partners, we have additionally re-enabled the CBC-based VPN cipher
- AES256-SHA256
This cipher continues to be temporarily permitted by the BSI and can be used particularly in existing or legacy environments to ensure compatibility.
Please note that the GCM-based cipher suites should still be preferred whenever possible.
Comments
0 comments
Article is closed for comments.