Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
579
Views
0
Helpful
1
Replies

IPSEC using RSA-SIGNATURE

rehan alam
Level 1
Level 1

‎09-07-2015 01:37 AM - edited ‎02-21-2020 08:27 PM

If I'm using RSA-SIG as authentication mechanism;
1. do i need to configure PSK as well on my router.
2. is ther any use of shared secret key that is generated by DH Group in case of RSA-SIG based authentication.

 

Labels:
0 Helpful
1 Reply 1

Karsten Iwen
VIP
VIP

‎09-07-2015 04:33 AM

RSA-SIG is used for the authentication of the VPN-peers. With that, PSKs are not needed any more. But authenticating the VPN is only one step in setting it up. Both peers still need key-material for the encryption and integrity-protection. All this key-material is typically generated with Diffie-Hellmann and still needed regardless of the way you authenticate your peer.

0 Helpful
Customers Also Viewed These Support Documents