cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
433
Views
0
Helpful
1
Replies
Highlighted
Beginner

IPSec Phase 1 & Phase 2: differences in commands

Hello !

What's difference between "hash sha / encryption aes256" in Phase 1 and "esp-sha256-hmac" in Phase 2 ? Are they the same or are there any difference ?

Everyone's tags (3)
1 REPLY 1
Highlighted
VIP Advisor VIP Advisor
VIP Advisor

Re: IPSec Phase 1 & Phase 2: differences in commands

Hi,
The algorithms defined in Phase 1 (isakmp policy) are used to establish an IKE SA (Security Association), through which 2 x IPSec SA (inbound/outbound) is negotiated using the Phase 2 algorithms defined in the IPSec Transform Set. All data transmitted through the VPN is over the IPSec SAs.

HTH