Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
883
Views
5
Helpful
1
Replies

IPsec site to site VPN between Cisco RV042 and Fortigate 50E

ashna tomy
Level 1
Level 1

‎06-12-2021 05:17 AM

Anybody please help me to sort the issue with IPsec profiling in site to site VPN between Fortigate and Cisco rv042 .

Since i haven't find any KBA article relevant to this topic.

How i shall select the encryotion, hashing and DH group for both phase 1 and 2 .

Any articles relating to the selection of IPsec profiling for different OEM's.

Labels:
0 Helpful
1 Reply 1

Rob Ingram
VIP
VIP

‎06-12-2021 06:27 AM

@ashna tomy 

I am not aware of generic guides that list the supported algorithms for the different vendors, but as they will all use IKE, Encryption, Hashing/Integrity and DH algorithms you should be able to select the algorithms that any vendor will support.

 

Suggested examples for you to use:-

 

Encryption: AES-GCM 256, 128 or AES-CBC

Hashing/Integrity: SHA512, 384, 256 or SHA1

DH Group: 19, 20, 21 or 15

 

Avoid 3DES, DES, MD5

 

Cisco Next Generation Encryption guide.

https://tools.cisco.com/security/center/resources/next_generation_cryptography

 

Customers Also Viewed These Support Documents