12-09-2020 07:23 AM - edited 12-10-2020 05:07 AM
We are about to start migrating some Cisco network IOS router point-to-point static VPN links from IKEv1 to IKEv2. We have an established QoS and MTU policy that is hard set to the exact values for remote end client routers. The question is - Can we expect the overhead (packet size) of IKEv2 to be larger especially when combined-mode AES-GCM encryption or AES-CBC-256 and Integrity SHA384 is used?
Simply stated:
If the packet size across the point-to-point VPN is always 1490 with all overhead included and we change from IKEv1 to IKEv2 with GCM or AES/SHA will the packet size change?
Thank you
Frank
Solved! Go to Solution.
12-10-2020 07:54 AM
12-10-2020 07:54 AM
..... And the answer is yes ............... smaller.
Tks
Frank
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: