cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
604
Views
0
Helpful
1
Replies

Cisco router IKEv1 to IKEv2 migration

fsebera
Enthusiast
Enthusiast

 

 

We are about to start migrating some Cisco network IOS router point-to-point static VPN links from IKEv1 to IKEv2. We have an established QoS and MTU policy that is hard set to the exact values for remote end client routers. The question is - Can we expect the overhead (packet size) of IKEv2 to be larger especially when combined-mode AES-GCM encryption or AES-CBC-256 and Integrity SHA384 is used? 

 

Simply stated:

If the packet size across the point-to-point VPN is always 1490 with all overhead included and we change from IKEv1 to IKEv2 with GCM or AES/SHA will the packet size change?

 

Thank you

Frank

1 Accepted Solution

Accepted Solutions

fsebera
Enthusiast
Enthusiast

 

..... And the answer is yes ............... smaller.

Tks

Frank

View solution in original post

1 Reply 1

fsebera
Enthusiast
Enthusiast

 

..... And the answer is yes ............... smaller.

Tks

Frank

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Recognize Your Peers