This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Does the ASG support ESP-3DES

I have a question to which I can not find an answer...

I need to setup a VPN Site-2-Site tunnel between an ASG and a Cisco box.

We get Phase 1 authentication done (IKE) and succesfull.
But we can not get Phase 2 to work.

We need to use ESP-3DES and ESP-MD5-HMAC
In the policy settings these are not available so we selected 3DES and MD5.
But this does not work.

So the question is does an ASG running 8.304 support ESP-3DES and ESP-MD5-HMAC?
If so, how do you configure this?

Thank you.
Raoul

This thread was automatically locked due to age.

Parents

0 wingman over 12 years ago

Hi rvaneynd

I would suggest not to use MD5 and 3DES and change it to AES356- SHA1. Cisco should be able to be configured with the latest encryption depending on the platform (ASA vs router) and the firmware

Is there a specific business need that you will need to run ESP-3DES/ESP-MD5-HMAC for the VPN ?

Thanks
Cancel
Vote Up 0 Vote Down

Cancel
0 rvaneynd over 12 years ago in reply to wingman

Wingman,

Thank you for the response.
Unfortunately we have no control over the Phase 1 or Phase 2 Authentication to be used.
We work with a large organisation who dictates this on us.

Therefore I have no option but to use what they tell us.

So the question still stands.
Does the ASG support ESP-3DES and ESP-MD5-HMAC?
Cancel
Vote Up 0 Vote Down

Cancel

Reply

0 rvaneynd over 12 years ago in reply to wingman

Wingman,

Thank you for the response.
Unfortunately we have no control over the Phase 1 or Phase 2 Authentication to be used.
We work with a large organisation who dictates this on us.

Therefore I have no option but to use what they tell us.

So the question still stands.
Does the ASG support ESP-3DES and ESP-MD5-HMAC?
Cancel
Vote Up 0 Vote Down

Cancel

Children

No Data