12-09-2020 07:23 AM - edited 12-10-2020 05:07 AM
We are about to start migrating some Cisco network IOS router point-to-point static VPN links from IKEv1 to IKEv2. We have an established QoS and MTU policy that is hard set to the exact values for remote end client routers. The question is - Can we expect the overhead (packet size) of IKEv2 to be larger especially when combined-mode AES-GCM encryption or AES-CBC-256 and Integrity SHA384 is used?
Simply stated:
If the packet size across the point-to-point VPN is always 1490 with all overhead included and we change from IKEv1 to IKEv2 with GCM or AES/SHA will the packet size change?
Thank you
Frank
Solved! Go to Solution.
12-10-2020 07:54 AM
12-10-2020 07:54 AM
..... And the answer is yes ............... smaller.
Tks
Frank
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide