cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
391
Views
0
Helpful
6
Replies

Site to site vpn

adamgibs7
Level 6
Level 6

Dears,

My IKEv2 tunnel is not coming up with the below settings , on my end I have a asa and the remote end is check point , I want to know the below is correct configuration or there should be some change,

 

crypto ipsec ikev2 ipsec-proposal AES256

protocol esp encryption aes-256----- this will match will sha512 lower setting or I shld lower it down aes 192

protocol esp integrity sha-512-------------I want to know this can match with AES 256 above or I shld lower it down

 

crypto ipsec ikev2 ipsec-proposal AES192

protocol esp encryption aes-192

protocol esp integrity sha-384

 

 

crypto ikev2 policy 1

encryption aes-256

integrity sha512

group 20 21

prf sha512

lifetime seconds 86400

 

 

crypto ikev2 policy 2

encryption aes-192

integrity sha384

group 20 21

prf sha384

lifetime seconds 86400

6 Replies 6

GioGonza
Level 4
Level 4