IKE Implementation Analysis

This section contains details of various vendor's IKE implementations, and how they respond to ike-scan.

This is a useful resource if you are trying to fingerprint an implementation, or if you want to know the idiosyncrasies of a particular vendor's product.

• Check Point Firewall-1 / VPN-1
• Cisco IOS
• Cisco PIX
• Cisco VPN Concentrator 3000
• FortiGate
• FreeS/WAN
• IBM AIX
• Juniper NetScreen
• Linksys Etherfast DSL/Cable VPN router
• Microsoft Windows
• Nortel VPN Router
• Novell BorderManager
• OpenBSD isakmpd
• OpenSwan
• KAME IPsec Tools (racoon)
• racoon2
• strongSwan
• Sun Solaris
• Symantec Raptor Firewall

The following general points apply to the implementation details shown above:

• The details shown only apply to IKE Phase-1;
• The details apply to remote access VPNs unless otherwise noted; and
• The system under test is acting as a responder, with ike-scan as the initiator.