Buy or Renew
Buy or Renew
NEW! Stay up-to-date on Cisco Secure Access: Software Release Notes and Announcements
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1688
Views
0
Helpful
2
Replies

Diffie Hellman group 5

registrato
Level 1
Level 1

‎07-28-2005 10:55 PM

VPN 3000 config guide says that:

"...Group 5 (1536-bits) ...... works only for LAN-to-LAN connections, and for clients using certificates."

but then it also lists this proposal:

"...CiscoVPNClient3DES-MD5-DH5 = Use preshared keys (XAUTH).... Use D-H Group 5 to generate SA keys. This selection

allows XAUTH user-based authentication."

Does this mean that this particular proposal can only be used with LAN-to-LAN connections or is there something I'm missing?

Labels:
0 Helpful
2 Replies 2

bogdahnt
Level 1
Level 1

‎08-03-2005 10:21 PM

Hi,

I have a running connection with VPN Client 4.0.5(D) and Concentrator 3005 Version 4.7.2 with IPSec SAs parameters AES-256 and DH-Group 5 and it works fine.

So it seems that this is working for client connections too and not only for L2L connections.

0 Helpful

registrato
Level 1
Level 1
In response to bogdahnt

‎08-06-2005 04:25 AM

Thank you for your answer,

are you using digital certificates, hybrid authentication or preshared keys?

0 Helpful
Customers Also Viewed These Support Documents