I would like to make a list with Vendor IDs, their Hex values and their purpose.
I am not aware of any document that mentions their usage and values so I would like to make one.
The reason for this is that in some outputs (e.g. 'capture CAP type isakmp' or 'debug crypto ikev1 255') on ASA you see only the Hex values of the VID.
I will make the beginning by combining outputs from the above debug commands along with Wireshark captures and list some of the VIDs and their usage. Please feel free to continue the update/correction of the list:
Data (In Hex): 09 00 26 89 df d6 b7 12
Name: draft-beaulieu-ike-xauth-02.txt (XAUTH)
Usage: In my opinion this VID informs the Responder that the Initiator is using Aggressive mode.
Data (In Hex): af ca d7 13 68 a1 f1 c9 6b 86 96 fc 77 57 01 00
Name: RFC 3706 Detecting Dead IKE Peers (DPD)
Usage: In my opinion this VID informs the Responder that the Initiator supports DPD.
Data (In Hex): 40 48 b7 d5 6e bc e8 85 25 e7 de 7f 00 d6 c2 d3 80 00 00 00
Name: Cisco Fragmentation
Data (In Hex): 90 cb 80 91 3e bb 69 6e 08 63 81 b5 ec 42 7b 1f
Usage: Advertises the capability of the device to support NAT-T (NAT Traversal Support)
Data (In Hex): 12 f5 f2 8c 45 71 68 a9 70 2d 9f e2 74 cc 01 00
User Experience Enhancements
As part of the Cisco Common User Experience program, we are working towards a more uniform user experience and terminology alignment. This program runs across all Cisco security products.
Early Access introduces a...
This video features a step by step walk through of configuring Cisco AnyConnect on FTD managed by FMC. Timestamps included for certificate installation, Access Control, Licensing, NAT, and Deployment failures.
I am trying to solve a CSR signing issue in a home lab.Can someone clarify this theoretical point? According to Wikipedia: "Before creating a CSR, the applicant first generates a key pair, keeping the private key secret. The...
Threat Response integrates with Cisco's Web Security Appliance (WSA) to provide visibility into web-bourne threats. By adding a Web Security or SMA Web module to Threat Response, investigators will be able to search for domains, URLs, and file hashes th...
I was helping some friends and they were trying to solve a scalable VPN issues, specially these days with the pandemic situation.
I recommended to implement ASA VPN Load-Balancing.
This will allow to keep 1 FQDN for all RA-VPN users an...