Themaximum transmission unit (MTU) is the size, in bytes, of the largest packet supported by a network layerprotocol, including both headers and IP packet payload.
Network packets sent over a VPN tunnel are encrypted and then encapsulated in anouter packet so that they can be routed. Cloud VPN tunnels useIPsec and ESP for encryption and encapsulation. Because the encapsulated inner packet mustit*elf fit within the MTU of the outer packet, its maximum IP packet payloadmust be smaller.
HA VPN over Cloud Interconnect doesn't support jumbo frames for encryptedVLAN attachments.
Packet encapsulation and processing
To successfully transmit packets using Cloud VPN tunnels, you mustenable prefragmentation on yourpeer VPN gateway so thatpackets that it sends are fragmented before they are encrypted andencapsulated.
As a Cloud VPN tunnel processes packets bound for your peer network:
Cloud VPN uses MSS clamping to ensure that TCP packets fit within thepayload MTU before IPsec encapsulation.
For other protocols, Cloud VPN processes packets before IPsecencapsulation as follows:
- If the packet's
DF
bit is set, and the Cloud VPN gatewaydetermines that fragmentation is necessary, the Cloud VPN gatewaysends an ICMP Fragmentation Needed (IPv4) or ICMPv6 Packet Too Big messageto the sender. Delivery of ICMP or ICMPv6 messages requires that youconfigure ingress allow firewall rules applicable to theCompute Engine VM sender –one rule to allow ICMP ingress, and, fordual-stack VMs, another rule to allow ICMPv6 ingress. - If the packet's
DF
bit is not set, and the Cloud VPN gatewayand the packet exceeds the payload MTU, the Cloud VPN gatewayattempts to deliver the packet. The packet might be dropped by asubsequent hop after the Cloud VPN tunnel if the packet is toolarge for the next hop.
- If the packet's
For more details about MSS clamping and PMTUD, see MSS clamping and path MTUdiscovery in the VPCMTU documentation.
Gateway MTU versus payload MTU
Cloud VPN differentiates between the Cloud VPN gatewayMTU and theCloud VPN payloadMTU. TheCloud VPN gateway MTU is:
- 1460 bytes, for Cloud VPN tunnels
- 1440 bytes, for HA VPN over Cloud Interconnect
Configure your peer VPN gateway to use an MTU that matches the correspondingCloud VPN gateway MTU.
The payload MTU for a Cloud VPN tunnel depends on what ciphers thetunnel is configured to use and whether the gateway uses IPv4 or IPv6 interfaces. For more information, see Cloud VPN payload MTU values.
MTU in HA VPN gateways with IPv6 interfaces
The gateway MTU is the same in both HA VPNgateways with IPv6 interfaces and HA VPNgateways with IPv4 interfaces. However, because IPv6 headers are largerthan IPv4 headers, the payload MTU of a gateway with IPv6 interfaces isalways 20 bytes smaller than the payload MTU for an identicalIPv4-addressed HA VPN gateway.
For example, an HA VPN gateway with IPv4 interfaces usingnon-AEAD ciphers has a gateway MTU of 1460 bytes and a payload MTU of 1406 bytes.Whereas, an HA VPN gateway with IPv6 interfaces using non-AEADciphers has a gateway MTU of 1440 bytes and a payload MTU of 1386 bytes.
For more information,see Maximum transmission unit.
Cloud VPN payload MTU values
The Cloud VPN payload MTU depends on the ciphers chosen in yourCloud VPN connection.
Payload MTU for AEAD ciphers
The following table shows phase 1 and phase 2 cipher combinations for non-AEADciphers that have an Cloud VPN payload MTU of:
- 1406 bytes, for Cloud VPN tunnels
- 1386 bytes, for HA VPN over Cloud Interconnect with IPv4 interfaces
- 1366 bytes, for HA VPN over Cloud Interconnect with IPv6 interfaces
Phase 1 | Phase 2 |
---|---|
AES-GCM-16-128 | AES-GCM-16-128 |
AES-GCM-16-192 | AES-GCM-16-192 |
AES-GCM-16-256 | AES-GCM-16-256 |
AES-GCM-16-128 | AES-GCM-16-192 |
AES-GCM-16-192 | AES-GCM-16-128 |
AES-GCM-16-256 | AES-GCM-16-192 |
AES-GCM-16-128 | AES-GCM-16-256 |
AES-GCM-16-192 | AES-GCM-16-256 |
AES-GCM-16-256 | AES-GCM-16-128 |
Payload MTU for non-AEAD ciphers
The following table shows phase 1 and phase 2 cipher combinations for non-AEADciphers that have an Cloud VPN payload MTU of:
- 1374 bytes, for Cloud VPN tunnels
- 1354 bytes, for HA VPN over Cloud Interconnect with IPv4 interfaces
- 1334 bytes, for HA VPN over Cloud Interconnect with IPv6 interfaces
Phase 1 - Encryption | Phase 1 - Integrity | Phase 2 - Encryption | Phase 2 - Integrity |
---|---|---|---|
AES-CBC-128 | AES-XCBC-96 | AES-CBC-128 | HMAC-SHA2-512-256 |
AES-CBC-128 | AES-XCBC-96 | AES-CBC-192 | HMAC-SHA2-512-256 |
AES-CBC-128 | AES-XCBC-96 | AES-CBC-256 | HMAC-SHA2-512-256 |
AES-CBC-128 | AES-CMAC-96 | AES-CBC-128 | HMAC-SHA2-512-256 |
AES-CBC-128 | AES-CMAC-96 | AES-CBC-192 | HMAC-SHA2-512-256 |
AES-CBC-128 | AES-CMAC-96 | AES-CBC-256 | HMAC-SHA2-512-256 |
AES-CBC-128 | HMAC-SHA1-96 | AES-CBC-128 | HMAC-SHA2-512-256 |
AES-CBC-128 | HMAC-SHA1-96 | AES-CBC-192 | HMAC-SHA2-512-256 |
AES-CBC-128 | HMAC-SHA1-96 | AES-CBC-256 | HMAC-SHA2-512-256 |
AES-CBC-128 | HMAC-MD5-96 | AES-CBC-128 | HMAC-SHA2-512-256 |
AES-CBC-128 | HMAC-MD5-96 | AES-CBC-192 | HMAC-SHA2-512-256 |
AES-CBC-128 | HMAC-MD5-96 | AES-CBC-256 | HMAC-SHA2-512-256 |
AES-CBC-128 | HMAC-SHA256-128 | AES-CBC-128 | HMAC-SHA2-512-256 |
AES-CBC-128 | HMAC-SHA256-128 | AES-CBC-192 | HMAC-SHA2-512-256 |
AES-CBC-128 | HMAC-SHA256-128 | AES-CBC-256 | HMAC-SHA2-512-256 |
AES-CBC-128 | HMAC-SHA384-192 | AES-CBC-128 | HMAC-SHA2-512-256 |
AES-CBC-128 | HMAC-SHA384-192 | AES-CBC-192 | HMAC-SHA2-512-256 |
AES-CBC-128 | HMAC-SHA384-192 | AES-CBC-256 | HMAC-SHA2-512-256 |
AES-CBC-128 | HMAC-SHA512-256 | AES-CBC-128 | HMAC-SHA2-512-256 |
AES-CBC-128 | HMAC-SHA512-256 | AES-CBC-192 | HMAC-SHA2-512-256 |
AES-CBC-128 | HMAC-SHA512-256 | AES-CBC-256 | HMAC-SHA2-512-256 |
AES-CBC-192 | AES-XCBC-96 | AES-CBC-128 | HMAC-SHA2-512-256 |
AES-CBC-192 | AES-XCBC-96 | AES-CBC-192 | HMAC-SHA2-512-256 |
AES-CBC-192 | AES-XCBC-96 | AES-CBC-256 | HMAC-SHA2-512-256 |
AES-CBC-192 | AES-CMAC-96 | AES-CBC-128 | HMAC-SHA2-512-256 |
AES-CBC-192 | AES-CMAC-96 | AES-CBC-192 | HMAC-SHA2-512-256 |
AES-CBC-192 | AES-CMAC-96 | AES-CBC-256 | HMAC-SHA2-512-256 |
AES-CBC-192 | HMAC-SHA1-96 | AES-CBC-128 | HMAC-SHA2-512-256 |
AES-CBC-192 | HMAC-SHA1-96 | AES-CBC-192 | HMAC-SHA2-512-256 |
AES-CBC-192 | HMAC-SHA1-96 | AES-CBC-256 | HMAC-SHA2-512-256 |
AES-CBC-192 | HMAC-MD5-96 | AES-CBC-128 | HMAC-SHA2-512-256 |
AES-CBC-192 | HMAC-MD5-96 | AES-CBC-192 | HMAC-SHA2-512-256 |
AES-CBC-192 | HMAC-MD5-96 | AES-CBC-256 | HMAC-SHA2-512-256 |
AES-CBC-192 | HMAC-SHA256-128 | AES-CBC-128 | HMAC-SHA2-512-256 |
AES-CBC-192 | HMAC-SHA256-128 | AES-CBC-192 | HMAC-SHA2-512-256 |
AES-CBC-192 | HMAC-SHA256-128 | AES-CBC-256 | HMAC-SHA2-512-256 |
AES-CBC-192 | HMAC-SHA384-192 | AES-CBC-128 | HMAC-SHA2-512-256 |
AES-CBC-192 | HMAC-SHA384-192 | AES-CBC-192 | HMAC-SHA2-512-256 |
AES-CBC-192 | HMAC-SHA384-192 | AES-CBC-256 | HMAC-SHA2-512-256 |
AES-CBC-192 | HMAC-SHA512-256 | AES-CBC-128 | HMAC-SHA2-512-256 |
AES-CBC-192 | HMAC-SHA512-256 | AES-CBC-192 | HMAC-SHA2-512-256 |
AES-CBC-192 | HMAC-SHA512-256 | AES-CBC-256 | HMAC-SHA2-512-256 |
AES-CBC-256 | AES-XCBC-96 | AES-CBC-128 | HMAC-SHA2-512-256 |
AES-CBC-256 | AES-XCBC-96 | AES-CBC-192 | HMAC-SHA2-512-256 |
AES-CBC-256 | AES-XCBC-96 | AES-CBC-256 | HMAC-SHA2-512-256 |
AES-CBC-256 | AES-CMAC-96 | AES-CBC-128 | HMAC-SHA2-512-256 |
AES-CBC-256 | AES-CMAC-96 | AES-CBC-192 | HMAC-SHA2-512-256 |
AES-CBC-256 | AES-CMAC-96 | AES-CBC-256 | HMAC-SHA2-512-256 |
AES-CBC-256 | HMAC-SHA1-96 | AES-CBC-128 | HMAC-SHA2-512-256 |
AES-CBC-256 | HMAC-SHA1-96 | AES-CBC-192 | HMAC-SHA2-512-256 |
AES-CBC-256 | HMAC-SHA1-96 | AES-CBC-256 | HMAC-SHA2-512-256 |
AES-CBC-256 | HMAC-MD5-96 | AES-CBC-128 | HMAC-SHA2-512-256 |
AES-CBC-256 | HMAC-MD5-96 | AES-CBC-192 | HMAC-SHA2-512-256 |
AES-CBC-256 | HMAC-MD5-96 | AES-CBC-256 | HMAC-SHA2-512-256 |
AES-CBC-256 | HMAC-SHA256-128 | AES-CBC-128 | HMAC-SHA2-512-256 |
AES-CBC-256 | HMAC-SHA256-128 | AES-CBC-192 | HMAC-SHA2-512-256 |
AES-CBC-256 | HMAC-SHA256-128 | AES-CBC-256 | HMAC-SHA2-512-256 |
AES-CBC-256 | HMAC-SHA384-192 | AES-CBC-128 | HMAC-SHA2-512-256 |
AES-CBC-256 | HMAC-SHA384-192 | AES-CBC-192 | HMAC-SHA2-512-256 |
AES-CBC-256 | HMAC-SHA384-192 | AES-CBC-256 | HMAC-SHA2-512-256 |
AES-CBC-256 | HMAC-SHA512-256 | AES-CBC-128 | HMAC-SHA2-512-256 |
AES-CBC-256 | HMAC-SHA512-256 | AES-CBC-192 | HMAC-SHA2-512-256 |
AES-CBC-256 | HMAC-SHA512-256 | AES-CBC-256 | HMAC-SHA2-512-256 |
3DES-CBC | AES-XCBC-96 | AES-CBC-128 | HMAC-SHA2-512-256 |
3DES-CBC | AES-XCBC-96 | AES-CBC-192 | HMAC-SHA2-512-256 |
3DES-CBC | AES-XCBC-96 | AES-CBC-256 | HMAC-SHA2-512-256 |
3DES-CBC | AES-CMAC-96 | AES-CBC-128 | HMAC-SHA2-512-256 |
3DES-CBC | AES-CMAC-96 | AES-CBC-192 | HMAC-SHA2-512-256 |
3DES-CBC | AES-CMAC-96 | AES-CBC-256 | HMAC-SHA2-512-256 |
3DES-CBC | HMAC-SHA1-96 | AES-CBC-128 | HMAC-SHA2-512-256 |
3DES-CBC | HMAC-SHA1-96 | AES-CBC-192 | HMAC-SHA2-512-256 |
3DES-CBC | HMAC-SHA1-96 | AES-CBC-256 | HMAC-SHA2-512-256 |
3DES-CBC | HMAC-MD5-96 | AES-CBC-128 | HMAC-SHA2-512-256 |
3DES-CBC | HMAC-MD5-96 | AES-CBC-192 | HMAC-SHA2-512-256 |
3DES-CBC | HMAC-MD5-96 | AES-CBC-256 | HMAC-SHA2-512-256 |
3DES-CBC | HMAC-SHA256-128 | AES-CBC-128 | HMAC-SHA2-512-256 |
3DES-CBC | HMAC-SHA256-128 | AES-CBC-192 | HMAC-SHA2-512-256 |
3DES-CBC | HMAC-SHA256-128 | AES-CBC-256 | HMAC-SHA2-512-256 |
3DES-CBC | HMAC-SHA384-192 | AES-CBC-128 | HMAC-SHA2-512-256 |
3DES-CBC | HMAC-SHA384-192 | AES-CBC-192 | HMAC-SHA2-512-256 |
3DES-CBC | HMAC-SHA384-192 | AES-CBC-256 | HMAC-SHA2-512-256 |
3DES-CBC | HMAC-SHA512-256 | AES-CBC-128 | HMAC-SHA2-512-256 |
3DES-CBC | HMAC-SHA512-256 | AES-CBC-192 | HMAC-SHA2-512-256 |
3DES-CBC | HMAC-SHA512-256 | AES-CBC-256 | HMAC-SHA2-512-256 |
The following table shows phase 1 and phase 2 cipher combinations for non-AEADciphers that have an Cloud VPN payload MTU of:
- 1390 bytes, for Cloud VPN tunnels
- 1370 bytes, for HA VPN over Cloud Interconnect with IPv4 interfaces
- 1350 bytes, for HA VPN over Cloud Interconnect with IPv6 interfaces
Phase 1 - Encryption | Phase 1 - Integrity | Phase 2 - Encryption | Phase 2 - Integrity |
---|---|---|---|
AES-CBC-128 | AES-XCBC-96 | AES-CBC-128 | HMAC-SHA2-256-128 |
AES-CBC-128 | AES-XCBC-96 | AES-CBC-128 | HMAC-SHA1-96 |
AES-CBC-128 | AES-XCBC-96 | AES-CBC-192 | HMAC-SHA2-256-128 |
AES-CBC-128 | AES-XCBC-96 | AES-CBC-192 | HMAC-SHA1-96 |
AES-CBC-128 | AES-XCBC-96 | AES-CBC-256 | HMAC-SHA2-256-128 |
AES-CBC-128 | AES-XCBC-96 | AES-CBC-256 | HMAC-SHA1-96 |
AES-CBC-128 | AES-CMAC-96 | AES-CBC-128 | HMAC-SHA2-256-128 |
AES-CBC-128 | AES-CMAC-96 | AES-CBC-128 | HMAC-SHA1-96 |
AES-CBC-128 | AES-CMAC-96 | AES-CBC-192 | HMAC-SHA2-256-128 |
AES-CBC-128 | AES-CMAC-96 | AES-CBC-192 | HMAC-SHA1-96 |
AES-CBC-128 | AES-CMAC-96 | AES-CBC-256 | HMAC-SHA2-256-128 |
AES-CBC-128 | AES-CMAC-96 | AES-CBC-256 | HMAC-SHA1-96 |
AES-CBC-128 | HMAC-SHA1-96 | AES-CBC-128 | HMAC-SHA2-256-128 |
AES-CBC-128 | HMAC-SHA1-96 | AES-CBC-128 | HMAC-SHA1-96 |
AES-CBC-128 | HMAC-SHA1-96 | AES-CBC-192 | HMAC-SHA2-256-128 |
AES-CBC-128 | HMAC-SHA1-96 | AES-CBC-192 | HMAC-SHA1-96 |
AES-CBC-128 | HMAC-SHA1-96 | AES-CBC-256 | HMAC-SHA2-256-128 |
AES-CBC-128 | HMAC-SHA1-96 | AES-CBC-256 | HMAC-SHA1-96 |
AES-CBC-128 | HMAC-MD5-96 | AES-CBC-128 | HMAC-SHA2-256-128 |
AES-CBC-128 | HMAC-MD5-96 | AES-CBC-128 | HMAC-SHA1-96 |
AES-CBC-128 | HMAC-MD5-96 | AES-CBC-192 | HMAC-SHA2-256-128 |
AES-CBC-128 | HMAC-MD5-96 | AES-CBC-192 | HMAC-SHA1-96 |
AES-CBC-128 | HMAC-MD5-96 | AES-CBC-256 | HMAC-SHA2-256-128 |
AES-CBC-128 | HMAC-MD5-96 | AES-CBC-256 | HMAC-SHA1-96 |
AES-CBC-128 | HMAC-SHA256-128 | AES-CBC-128 | HMAC-SHA2-256-128 |
AES-CBC-128 | HMAC-SHA256-128 | AES-CBC-128 | HMAC-SHA1-96 |
AES-CBC-128 | HMAC-SHA256-128 | AES-CBC-192 | HMAC-SHA2-256-128 |
AES-CBC-128 | HMAC-SHA256-128 | AES-CBC-192 | HMAC-SHA1-96 |
AES-CBC-128 | HMAC-SHA256-128 | AES-CBC-256 | HMAC-SHA2-256-128 |
AES-CBC-128 | HMAC-SHA256-128 | AES-CBC-256 | HMAC-SHA1-96 |
AES-CBC-128 | HMAC-SHA384-192 | AES-CBC-128 | HMAC-SHA2-256-128 |
AES-CBC-128 | HMAC-SHA384-192 | AES-CBC-128 | HMAC-SHA1-96 |
AES-CBC-128 | HMAC-SHA384-192 | AES-CBC-192 | HMAC-SHA2-256-128 |
AES-CBC-128 | HMAC-SHA384-192 | AES-CBC-192 | HMAC-SHA1-96 |
AES-CBC-128 | HMAC-SHA384-192 | AES-CBC-256 | HMAC-SHA2-256-128 |
AES-CBC-128 | HMAC-SHA384-192 | AES-CBC-256 | HMAC-SHA1-96 |
AES-CBC-128 | HMAC-SHA512-256 | AES-CBC-128 | HMAC-SHA2-256-128 |
AES-CBC-128 | HMAC-SHA512-256 | AES-CBC-128 | HMAC-SHA1-96 |
AES-CBC-128 | HMAC-SHA512-256 | AES-CBC-192 | HMAC-SHA2-256-128 |
AES-CBC-128 | HMAC-SHA512-256 | AES-CBC-192 | HMAC-SHA1-96 |
AES-CBC-128 | HMAC-SHA512-256 | AES-CBC-256 | HMAC-SHA2-256-128 |
AES-CBC-128 | HMAC-SHA512-256 | AES-CBC-256 | HMAC-SHA1-96 |
AES-CBC-192 | AES-XCBC-96 | AES-CBC-128 | HMAC-SHA2-256-128 |
AES-CBC-192 | AES-XCBC-96 | AES-CBC-128 | HMAC-SHA1-96 |
AES-CBC-192 | AES-XCBC-96 | AES-CBC-192 | HMAC-SHA2-256-128 |
AES-CBC-192 | AES-XCBC-96 | AES-CBC-192 | HMAC-SHA1-96 |
AES-CBC-192 | AES-XCBC-96 | AES-CBC-256 | HMAC-SHA2-256-128 |
AES-CBC-192 | AES-XCBC-96 | AES-CBC-256 | HMAC-SHA1-96 |
AES-CBC-192 | AES-CMAC-96 | AES-CBC-128 | HMAC-SHA2-256-128 |
AES-CBC-192 | AES-CMAC-96 | AES-CBC-128 | HMAC-SHA1-96 |
AES-CBC-192 | AES-CMAC-96 | AES-CBC-192 | HMAC-SHA2-256-128 |
AES-CBC-192 | AES-CMAC-96 | AES-CBC-192 | HMAC-SHA1-96 |
AES-CBC-192 | AES-CMAC-96 | AES-CBC-256 | HMAC-SHA2-256-128 |
AES-CBC-192 | AES-CMAC-96 | AES-CBC-256 | HMAC-SHA1-96 |
AES-CBC-192 | HMAC-SHA1-96 | AES-CBC-128 | HMAC-SHA2-256-128 |
AES-CBC-192 | HMAC-SHA1-96 | AES-CBC-128 | HMAC-SHA1-96 |
AES-CBC-192 | HMAC-SHA1-96 | AES-CBC-192 | HMAC-SHA2-256-128 |
AES-CBC-192 | HMAC-SHA1-96 | AES-CBC-192 | HMAC-SHA1-96 |
AES-CBC-192 | HMAC-SHA1-96 | AES-CBC-256 | HMAC-SHA2-256-128 |
AES-CBC-192 | HMAC-SHA1-96 | AES-CBC-256 | HMAC-SHA1-96 |
AES-CBC-192 | HMAC-MD5-96 | AES-CBC-128 | HMAC-SHA2-256-128 |
AES-CBC-192 | HMAC-MD5-96 | AES-CBC-128 | HMAC-SHA1-96 |
AES-CBC-192 | HMAC-MD5-96 | AES-CBC-192 | HMAC-SHA2-256-128 |
AES-CBC-192 | HMAC-MD5-96 | AES-CBC-192 | HMAC-SHA1-96 |
AES-CBC-192 | HMAC-MD5-96 | AES-CBC-256 | HMAC-SHA2-256-128 |
AES-CBC-192 | HMAC-MD5-96 | AES-CBC-256 | HMAC-SHA1-96 |
AES-CBC-192 | HMAC-SHA256-128 | AES-CBC-128 | HMAC-SHA2-256-128 |
AES-CBC-192 | HMAC-SHA256-128 | AES-CBC-128 | HMAC-SHA1-96 |
AES-CBC-192 | HMAC-SHA256-128 | AES-CBC-192 | HMAC-SHA2-256-128 |
AES-CBC-192 | HMAC-SHA256-128 | AES-CBC-192 | HMAC-SHA1-96 |
AES-CBC-192 | HMAC-SHA256-128 | AES-CBC-256 | HMAC-SHA2-256-128 |
AES-CBC-192 | HMAC-SHA256-128 | AES-CBC-256 | HMAC-SHA1-96 |
AES-CBC-192 | HMAC-SHA384-192 | AES-CBC-128 | HMAC-SHA2-256-128 |
AES-CBC-192 | HMAC-SHA384-192 | AES-CBC-128 | HMAC-SHA1-96 |
AES-CBC-192 | HMAC-SHA384-192 | AES-CBC-192 | HMAC-SHA2-256-128 |
AES-CBC-192 | HMAC-SHA384-192 | AES-CBC-192 | HMAC-SHA1-96 |
AES-CBC-192 | HMAC-SHA384-192 | AES-CBC-256 | HMAC-SHA2-256-128 |
AES-CBC-192 | HMAC-SHA384-192 | AES-CBC-256 | HMAC-SHA1-96 |
AES-CBC-192 | HMAC-SHA512-256 | AES-CBC-128 | HMAC-SHA2-256-128 |
AES-CBC-192 | HMAC-SHA512-256 | AES-CBC-128 | HMAC-SHA1-96 |
AES-CBC-192 | HMAC-SHA512-256 | AES-CBC-192 | HMAC-SHA2-256-128 |
AES-CBC-192 | HMAC-SHA512-256 | AES-CBC-192 | HMAC-SHA1-96 |
AES-CBC-192 | HMAC-SHA512-256 | AES-CBC-256 | HMAC-SHA2-256-128 |
AES-CBC-192 | HMAC-SHA512-256 | AES-CBC-256 | HMAC-SHA1-96 |
AES-CBC-256 | AES-XCBC-96 | AES-CBC-128 | HMAC-SHA2-256-128 |
AES-CBC-256 | AES-XCBC-96 | AES-CBC-128 | HMAC-SHA1-96 |
AES-CBC-256 | AES-XCBC-96 | AES-CBC-192 | HMAC-SHA2-256-128 |
AES-CBC-256 | AES-XCBC-96 | AES-CBC-192 | HMAC-SHA1-96 |
AES-CBC-256 | AES-XCBC-96 | AES-CBC-256 | HMAC-SHA2-256-128 |
AES-CBC-256 | AES-XCBC-96 | AES-CBC-256 | HMAC-SHA1-96 |
AES-CBC-256 | AES-CMAC-96 | AES-CBC-128 | HMAC-SHA2-256-128 |
AES-CBC-256 | AES-CMAC-96 | AES-CBC-128 | HMAC-SHA1-96 |
AES-CBC-256 | AES-CMAC-96 | AES-CBC-192 | HMAC-SHA2-256-128 |
AES-CBC-256 | AES-CMAC-96 | AES-CBC-192 | HMAC-SHA1-96 |
AES-CBC-256 | AES-CMAC-96 | AES-CBC-256 | HMAC-SHA2-256-128 |
AES-CBC-256 | AES-CMAC-96 | AES-CBC-256 | HMAC-SHA1-96 |
AES-CBC-256 | HMAC-SHA1-96 | AES-CBC-128 | HMAC-SHA2-256-128 |
AES-CBC-256 | HMAC-SHA1-96 | AES-CBC-128 | HMAC-SHA1-96 |
AES-CBC-256 | HMAC-SHA1-96 | AES-CBC-192 | HMAC-SHA2-256-128 |
AES-CBC-256 | HMAC-SHA1-96 | AES-CBC-192 | HMAC-SHA1-96 |
AES-CBC-256 | HMAC-SHA1-96 | AES-CBC-256 | HMAC-SHA2-256-128 |
AES-CBC-256 | HMAC-SHA1-96 | AES-CBC-256 | HMAC-SHA1-96 |
AES-CBC-256 | HMAC-MD5-96 | AES-CBC-128 | HMAC-SHA2-256-128 |
AES-CBC-256 | HMAC-MD5-96 | AES-CBC-128 | HMAC-SHA1-96 |
AES-CBC-256 | HMAC-MD5-96 | AES-CBC-192 | HMAC-SHA2-256-128 |
AES-CBC-256 | HMAC-MD5-96 | AES-CBC-192 | HMAC-SHA1-96 |
AES-CBC-256 | HMAC-MD5-96 | AES-CBC-256 | HMAC-SHA2-256-128 |
AES-CBC-256 | HMAC-MD5-96 | AES-CBC-256 | HMAC-SHA1-96 |
AES-CBC-256 | HMAC-SHA256-128 | AES-CBC-128 | HMAC-SHA2-256-128 |
AES-CBC-256 | HMAC-SHA256-128 | AES-CBC-128 | HMAC-SHA1-96 |
AES-CBC-256 | HMAC-SHA256-128 | AES-CBC-192 | HMAC-SHA2-256-128 |
AES-CBC-256 | HMAC-SHA256-128 | AES-CBC-192 | HMAC-SHA1-96 |
AES-CBC-256 | HMAC-SHA256-128 | AES-CBC-256 | HMAC-SHA2-256-128 |
AES-CBC-256 | HMAC-SHA256-128 | AES-CBC-256 | HMAC-SHA1-96 |
AES-CBC-256 | HMAC-SHA384-192 | AES-CBC-128 | HMAC-SHA2-256-128 |
AES-CBC-256 | HMAC-SHA384-192 | AES-CBC-128 | HMAC-SHA1-96 |
AES-CBC-256 | HMAC-SHA384-192 | AES-CBC-192 | HMAC-SHA2-256-128 |
AES-CBC-256 | HMAC-SHA384-192 | AES-CBC-192 | HMAC-SHA1-96 |
AES-CBC-256 | HMAC-SHA384-192 | AES-CBC-256 | HMAC-SHA2-256-128 |
AES-CBC-256 | HMAC-SHA384-192 | AES-CBC-256 | HMAC-SHA1-96 |
AES-CBC-256 | HMAC-SHA512-256 | AES-CBC-128 | HMAC-SHA2-256-128 |
AES-CBC-256 | HMAC-SHA512-256 | AES-CBC-128 | HMAC-SHA1-96 |
AES-CBC-256 | HMAC-SHA512-256 | AES-CBC-192 | HMAC-SHA2-256-128 |
AES-CBC-256 | HMAC-SHA512-256 | AES-CBC-192 | HMAC-SHA1-96 |
AES-CBC-256 | HMAC-SHA512-256 | AES-CBC-256 | HMAC-SHA2-256-128 |
AES-CBC-256 | HMAC-SHA512-256 | AES-CBC-256 | HMAC-SHA1-96 |
3DES-CBC | AES-XCBC-96 | AES-CBC-128 | HMAC-SHA2-256-128 |
3DES-CBC | AES-XCBC-96 | AES-CBC-128 | HMAC-SHA1-96 |
3DES-CBC | AES-XCBC-96 | AES-CBC-192 | HMAC-SHA2-256-128 |
3DES-CBC | AES-XCBC-96 | AES-CBC-192 | HMAC-SHA1-96 |
3DES-CBC | AES-XCBC-96 | AES-CBC-256 | HMAC-SHA2-256-128 |
3DES-CBC | AES-XCBC-96 | AES-CBC-256 | HMAC-SHA1-96 |
3DES-CBC | AES-CMAC-96 | AES-CBC-128 | HMAC-SHA2-256-128 |
3DES-CBC | AES-CMAC-96 | AES-CBC-128 | HMAC-SHA1-96 |
3DES-CBC | AES-CMAC-96 | AES-CBC-192 | HMAC-SHA2-256-128 |
3DES-CBC | AES-CMAC-96 | AES-CBC-192 | HMAC-SHA1-96 |
3DES-CBC | AES-CMAC-96 | AES-CBC-256 | HMAC-SHA2-256-128 |
3DES-CBC | AES-CMAC-96 | AES-CBC-256 | HMAC-SHA1-96 |
3DES-CBC | HMAC-SHA1-96 | AES-CBC-128 | HMAC-SHA2-256-128 |
3DES-CBC | HMAC-SHA1-96 | AES-CBC-128 | HMAC-SHA1-96 |
3DES-CBC | HMAC-SHA1-96 | AES-CBC-192 | HMAC-SHA2-256-128 |
3DES-CBC | HMAC-SHA1-96 | AES-CBC-192 | HMAC-SHA1-96 |
3DES-CBC | HMAC-SHA1-96 | AES-CBC-256 | HMAC-SHA2-256-128 |
3DES-CBC | HMAC-SHA1-96 | AES-CBC-256 | HMAC-SHA1-96 |
3DES-CBC | HMAC-MD5-96 | AES-CBC-128 | HMAC-SHA2-256-128 |
3DES-CBC | HMAC-MD5-96 | AES-CBC-128 | HMAC-SHA1-96 |
3DES-CBC | HMAC-MD5-96 | AES-CBC-192 | HMAC-SHA2-256-128 |
3DES-CBC | HMAC-MD5-96 | AES-CBC-192 | HMAC-SHA1-96 |
3DES-CBC | HMAC-MD5-96 | AES-CBC-256 | HMAC-SHA2-256-128 |
3DES-CBC | HMAC-MD5-96 | AES-CBC-256 | HMAC-SHA1-96 |
3DES-CBC | HMAC-SHA256-128 | AES-CBC-128 | HMAC-SHA2-256-128 |
3DES-CBC | HMAC-SHA256-128 | AES-CBC-128 | HMAC-SHA1-96 |
3DES-CBC | HMAC-SHA256-128 | AES-CBC-192 | HMAC-SHA2-256-128 |
3DES-CBC | HMAC-SHA256-128 | AES-CBC-192 | HMAC-SHA1-96 |
3DES-CBC | HMAC-SHA256-128 | AES-CBC-256 | HMAC-SHA2-256-128 |
3DES-CBC | HMAC-SHA256-128 | AES-CBC-256 | HMAC-SHA1-96 |
3DES-CBC | HMAC-SHA384-192 | AES-CBC-128 | HMAC-SHA2-256-128 |
3DES-CBC | HMAC-SHA384-192 | AES-CBC-128 | HMAC-SHA1-96 |
3DES-CBC | HMAC-SHA384-192 | AES-CBC-192 | HMAC-SHA2-256-128 |
3DES-CBC | HMAC-SHA384-192 | AES-CBC-192 | HMAC-SHA1-96 |
3DES-CBC | HMAC-SHA384-192 | AES-CBC-256 | HMAC-SHA2-256-128 |
3DES-CBC | HMAC-SHA384-192 | AES-CBC-256 | HMAC-SHA1-96 |
3DES-CBC | HMAC-SHA512-256 | AES-CBC-128 | HMAC-SHA2-256-128 |
3DES-CBC | HMAC-SHA512-256 | AES-CBC-128 | HMAC-SHA1-96 |
3DES-CBC | HMAC-SHA512-256 | AES-CBC-192 | HMAC-SHA2-256-128 |
3DES-CBC | HMAC-SHA512-256 | AES-CBC-192 | HMAC-SHA1-96 |
3DES-CBC | HMAC-SHA512-256 | AES-CBC-256 | HMAC-SHA2-256-128 |
3DES-CBC | HMAC-SHA512-256 | AES-CBC-256 | HMAC-SHA1-96 |
What's next
- To learn about the basic concepts of Cloud VPN, see theCloud VPN overview.
- To help you solve common issues that you might encounter when usingCloud VPN, see Troubleshooting.