3.4 Third-Party VPN Devices

Corente Cloud Services Exchange supports secure connections between Corente Services Gateways and third-party VPN devices, such as Cisco Adaptive Security Appliance (ASA) or Juniper devices.

Corente Services Gateways use the following ports and protocols to establish tunnels with third-party VPN devices:

  • UDP 500 for ISAKMP

  • UDP 4500 for NAT-T

  • IP Protocol 50 for IPsec

To authenticate with third-party VPN devices, you configure Internet Key Exchange (IKE) settings in App Net Manager. IKE is an Internet Protocol Security (IPsec) standard that secures VPN negotiation and access between networks.

When you set up third-party VPN devices, you must specify a pre-shared key (PSK), or shared secret, in the IKE settings. To ensure network security, you should follow these PSK best practices:

  • Use a PSK generator to create random secrets with large character sets.

  • Generate a unique PSK for every VPN tunnel.

  • Ensure the PSK is at least 30 characters long to prevent brute-force attacks.

  • Do not transmit PSKs over the Internet. You should use fax, SMS, or phone to transmit PSKs to other users.

  • Do not store PSKs. After you specify the PSK on a third-party VPN device, you should discard it. If you need to configure the PSK again, you should generate a new one.

  • Change PSKs periodically. You should change PSKs at a frequency that matches your corporate password policy.
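
The following sketch shows one way to apply the first three practices with a locally run generator. It is an added example, not an Oracle or Corente tool; the alphabet, the default length of 40, and the tunnel names are assumptions, and the alphabet should be limited to characters that both VPN endpoints accept.

```python
import math
import secrets
import string

MIN_LENGTH = 30  # minimum PSK length recommended on this page
# Assumed alphabet: restrict it to characters both VPN endpoints accept.
ALPHABET = string.ascii_letters + string.digits + "!#$%&*+-=?@^_"

def generate_psk(length=40):
    """Return a random PSK drawn from the operating system's CSPRNG."""
    if length < MIN_LENGTH:
        raise ValueError(f"PSK must be at least {MIN_LENGTH} characters")
    return "".join(secrets.choice(ALPHABET) for _ in range(length))

def entropy_bits(length, alphabet_size=len(ALPHABET)):
    """Entropy in bits of a uniformly random secret of this length."""
    return length * math.log2(alphabet_size)

def check_psk(psk):
    """List the ways a candidate PSK falls short of the practices above."""
    problems = []
    if len(psk) < MIN_LENGTH:
        problems.append(f"shorter than {MIN_LENGTH} characters")
    if len(set(psk)) < 10:
        problems.append("very few distinct characters")
    classes = [string.ascii_lowercase, string.ascii_uppercase, string.digits]
    if sum(any(c in cls for c in psk) for cls in classes) < 2:
        problems.append("fewer than two of lowercase, uppercase, digits")
    return problems

def psks_for_tunnels(tunnel_names, length=40):
    """Generate one distinct PSK per tunnel, in memory only."""
    if len(set(tunnel_names)) != len(tunnel_names):
        raise ValueError("duplicate tunnel name")
    result, seen = {}, set()
    for name in tunnel_names:
        psk = generate_psk(length)
        while psk in seen or check_psk(psk):  # redraw on a collision or weak draw
            psk = generate_psk(length)
        seen.add(psk)
        result[name] = psk
    return result

if __name__ == "__main__":
    # Constructed tunnel names, for illustration only.
    for tunnel, psk in psks_for_tunnels(["hq-to-asa", "hq-to-juniper"]).items():
        print(f"{tunnel}: {psk}  (~{entropy_bits(len(psk)):.0f} bits)")
```

The script keeps secrets in memory and writes nothing to disk, in line with the practice of not storing PSKs.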