cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements
900
Views
0
Helpful
1
Replies
azhdar1234
Beginner

IPSec Phase 1 & Phase 2: differences in commands

Hello !

What's difference between "hash sha / encryption aes256" in Phase 1 and "esp-sha256-hmac" in Phase 2 ? Are they the same or are there any difference ?

1 REPLY 1
Rob Ingram
VIP Mentor

Hi,
The algorithms defined in Phase 1 (isakmp policy) are used to establish an IKE SA (Security Association), through which 2 x IPSec SA (inbound/outbound) is negotiated using the Phase 2 algorithms defined in the IPSec Transform Set. All data transmitted through the VPN is over the IPSec SAs.

HTH
Content for Community-Ad