cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

Ask the Expert- SD-WAN

410
Views
0
Helpful
4
Replies
Highlighted

40bit IPSec Encryption

Hi ,

One of my customers wants to set up a IPSec tunnel back to a Cisco Gateway outside the US, due to govt regulations they want an encryption less than 56bits. I wanted to ask  if any body knows a Cisco router that supports 40bit Encryption?

Thanks

Raj

4 REPLIES 4
Cisco Employee

Re: 40bit IPSec Encryption

Unfortunately no, the lowest is 56 bit.

Even on the old version of IOS which is EOL, there is no encryption lower than 56-bit:

http://www.cisco.com/en/US/docs/ios/security/command/reference/sec_e1.html#wp1034854

Do they still require encryption as 40bit is as good as no encryption? If not, just have GRE tunnel if that is an option.

Re: 40bit IPSec Encryption

Thank you Jennifer!

Cisco Employee

Re: 40bit IPSec Encryption

Hi,

40 Bit DES was only supported in very early versions of IOS prior to IPSec support. The feature was called CET (Cisco Encryption Technology) and was cisco proprietary. If you have routers running 12.1 or ealier, you should still be able to configure it. Here is the configuration guide for the feature:

http://www.cisco.com/en/US/partner/docs/ios/11_3/security/configuration/guide/scencryp.html

Specifically, the command to enable 40 bit DES is "crypto algorithm 40-bit-des cfb-8".

Hope this helps.

Thanks,

Wen

Re: 40bit IPSec Encryption

Thank you for your reply Wen, appreciate it