AVM FRITZ (FRITZ!Box, ...) brand devices » History » Version 1
Noel Kuntze, 11.04.2021 05:55
AVM FRITZ brand devices
| 1 | 1 | Noel Kuntze | h1. AVM FRITZ (FRITZ!Box, ...) brand devices |
|---|---|---|---|
| 2 | 1 | Noel Kuntze | |
| 3 | 1 | Noel Kuntze | The AVM FRITZ brand devices are all very restricted and only implement IKEv1 in aggressive mode with PSK authentication and optionally XAUTH in the second round. |
| 4 | 1 | Noel Kuntze | |
| 5 | 1 | Noel Kuntze | The ciphers they implement are all considered insecure or deprecated |
| 6 | 1 | Noel Kuntze | They transmit the following proposals in IKE: |
| 7 | 1 | Noel Kuntze | |
| 8 | 1 | Noel Kuntze | * aes256-sha512-modp1024 |
| 9 | 1 | Noel Kuntze | * aes256-sha1-modp1024 |
| 10 | 1 | Noel Kuntze | * aes192-sha1-modp1024 |
| 11 | 1 | Noel Kuntze | * aes128-sha1-modp1024 |
| 12 | 1 | Noel Kuntze | * 3des-sha1-modp1024 |
| 13 | 1 | Noel Kuntze | * des-sha1-modp1024 |
| 14 | 1 | Noel Kuntze | * aes256-md5-modp1024 |
| 15 | 1 | Noel Kuntze | * aes192-md5-modp1024 |
| 16 | 1 | Noel Kuntze | * aes128-md5-modp1024 |
| 17 | 1 | Noel Kuntze | * 3des-md5-modp1024 |
| 18 | 1 | Noel Kuntze | * des-md5-modp1024 |
| 19 | 1 | Noel Kuntze | |
| 20 | 1 | Noel Kuntze | They also send the following vendor IDs: |
| 21 | 1 | Noel Kuntze | * XAUTH |
| 22 | 1 | Noel Kuntze | * DPD |
| 23 | 1 | Noel Kuntze | * NAT-T (RFC 3947) |
| 24 | 1 | Noel Kuntze | * draft-ietf-ipsec-nat-t-ike-02\n |
| 25 | 1 | Noel Kuntze | * draft-ietf-ipsec-nat-t-ike-03 |
| 26 | 1 | Noel Kuntze | * a2:22:6f:c3:64:50:0f:56:34:ff:77:db:3b:74:f4:1b |