04-06-2020 06:06 AM
Dear community,
I have a customer that we have a VPN tunnel with. Since the customer is upgrading their network infrastructure there are new demands for the new VPN tunnel between my Cisco ASA 5515 and their firewall.
Here are the demands:
IKE Phase 1 | Initiator: Main Mode | IKE Phase 2 | Perfect Forward Secrecy (PFS): NO |
Encryption | AES-256 | Encryption | AES-256 |
Authentication | SHA256 | Authentication | SHA256 |
Diffie-Hellman Group | 14 (2048 bits) | Encapsulation | ESP |
SA Lifetime (sec) | 86400 | SA Lifetime (sec) | 3600 |
When i look at the Cisco ASA documentation it seems that IKE Phase 1 no problems there. However for the IKE Phase 2 i am not able to find if it is possible to have those settings that the customer requires.
Many thanks for the help in advanced.
04-06-2020 06:57 AM
04-06-2020 07:06 AM
04-06-2020 07:14 AM
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide