Thread Info
  • State Suggested Answer
  • Locked Locked
  • Replies 3 replies
  • Answers 1 answer
  • Subscribers 26 subscribers
  • Views 819 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

IPsec Connection

Tharindu Premarathne

Hi All,

Is Sophos Support HMAC????



This thread was automatically locked due to age.
  • 0

    Hello Tharindu,

    Thank you for contacting the Sophos Community!

    Yes the XG Supports IPsec connection. Sha is basically HMAC.

    Here are some logs that shows:

    received proposals:

    2020-09-20 00:11:26 29[CFG] <Azure_to_XG-1|3> selected proposal: ESP:AES_CBC_256/HMAC_SHA2_512_256/NO_EXT_SEQ

    Regards,

  • 0 in reply to emmosophos

    Hi Emmanuel,

    Thank you for your support,

    below is the phase 2 details that the customer send to me

    IPSEC Parameters (Phase 2)
    IPSEC Encryption: HMAC
    Authentication Method: AES
    Hash: SHA1, MDF5, SHA256
    Security Association Lifetime (seconds): 3600
    Perfect Forward Secrecy (PFS) (Yes or No)? Yes

    you can see the IPSEC Encryption is HMAC, so what SHA Profile is needed here?

    pardon for my English.

  • 0 in reply to Tharindu Premarathne

    Hello Tharindu,

    Thank you for the follow-up!

    They are providing you with incorrect information as HMAC is not used for Encryption but AES is, so please clarify with whoever provided you with this the requirements for the tunnel.

    Regards,