Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1863
Views
5
Helpful
4
Replies

FTD 6.5 and Diffie Hellman G5

Go to solution
benolyndav
Level 4
Level 4

‎08-10-2020 12:56 AM

HI

We have upgraded our soon to go live FTD's/FMC to 6.5 I have just seen a warning saying that DH group 5 is depreciated, does this mean that it just wont work as we have exsisting VPN's using DH group 5 on our current live devices ASA's

 

Thanks

0 Helpful
2 Accepted Solutions

Accepted Solutions

Go to solution
Rob Ingram
VIP
VIP
In response to benolyndav

‎08-10-2020 01:14 AM

Hi,
No, I am saying it will currently work on 6.5.....but at somepoint in the future cisco will remove DH group 5, so don't upgrade until you've changed your existing VPNs.

View solution in original post

0 Helpful
4 Replies 4

Go to solution
Rob Ingram
VIP
VIP

‎08-10-2020 01:07 AM - edited ‎08-10-2020 01:08 AM

Hi,
If you upgrade to a newer version once DH group 5 has been depreciated, at that point you will have a problem. You should probably change your existing VPNs now, as DH group 5 is insecure - also avoid DH group 2 and 24.

HTH

Go to solution
benolyndav
Level 4
Level 4
In response to Rob Ingram

‎08-10-2020 01:12 AM

Hi Rob

Thanks for the quick response so are you saying DH 5 just wont work on 6.5 ??

0 Helpful

Go to solution
Rob Ingram
VIP
VIP
In response to benolyndav

‎08-10-2020 01:14 AM

Hi,
No, I am saying it will currently work on 6.5.....but at somepoint in the future cisco will remove DH group 5, so don't upgrade until you've changed your existing VPNs.
0 Helpful

Go to solution
benolyndav
Level 4
Level 4
In response to Rob Ingram

‎08-10-2020 02:01 AM

Thanks Rob

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card