09-18-2018 12:25 PM - edited 03-12-2019 05:30 AM
Hello,
I am searching for SHA-256 support in IPSEC VPN site to site for the Cisco ASA , what is the supported model/software as i can't see it in the available hashing algorithms in ASA 5500.
Thanks,
Julio César
09-20-2018 04:48 PM
Ikev2 on 5500 series cannot use sha256 this is a hardware limitation due to the architecture of the CPU. You can also see the limitation listed here :
“SHA-256 can be used for integrity and PRF to establish IKEv2 tunnels, but it can also be used for ESP integrity protection on the newer ASA platforms (and not 5505, 5510, 5520, 5540, or 5550).”
09-22-2018 01:43 PM
thanks Roy
one more question: And with ikev1 you can not use sha256 either?
09-22-2018 01:41 PM
thanks Roy
one more question: And with ikev1 you can not use sha256 either?
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide