01-10-2020 07:20 AM - edited 02-21-2020 09:50 PM
Dear all,
I'm actually deploying new routers to my GDOI Infrastructure.
The actual infrastructure is using 3DES as Phase 1 encryption algorithm.
I would like to use AES encryption algorithm for the new routers as it's more secure.
The Key Server can handle AES encryption but not the actual Group Members routers.
My question is to know if my new router would be able to communicate with the actual GM routers.
Thanks in advance,
01-10-2020 07:49 AM - edited 01-10-2020 07:57 AM
Hi,
All GM routers will need to be configured with the same algortihms, even though the KS supports AES it will also support 3DES, you'll just need to define what to use.
What hardware are you running? I'd be suprised if the old hardware did not support AES.
HTH
01-10-2020 08:26 AM
I don't think I've been understood clearly.
My question was to know if it was possible to have a KS using AES for some GM and 3DES for others.
As a matter of fact, I actually have old Cisco 2901 with ISM VPN module added.
01-10-2020 08:32 AM
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide