Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1258
Views
20
Helpful
3
Replies

SHA-2 supported in IPSEC IKEv2

Go to solution
camty81
Level 1
Level 1

‎03-08-2021 08:11 PM

Hi,

 

I have ASA 5545-x with firmware 8.6(1), wanted to know, does it support SHA-2 in IPsec IKEv2?

 

Thanks

Cam

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Rob Ingram
VIP
VIP

‎03-09-2021 12:36 AM

Hi @camty81 

ASA 8.6 supports IKEv2 but doesn't appear to support SHA-2, only SHA and MD5 as validate integrity methods.


Reference

https://www.cisco.com/c/en/us/td/docs/security/asa/asa84/configuration/guide/asa_84_cli_config/vpn_site2site.html#wp1042828

 

I'd suggest upgrading your ASA, your hardware supports up to version 9.14

Upgrade path:-

https://www.cisco.com/c/en/us/td/docs/security/asa/upgrade/asa-upgrade/planning.html#ID-2152-0000000a

View solution in original post

3 Replies 3

Go to solution
Rob Ingram
VIP
VIP

‎03-09-2021 12:36 AM

Hi @camty81 

ASA 8.6 supports IKEv2 but doesn't appear to support SHA-2, only SHA and MD5 as validate integrity methods.


Reference

https://www.cisco.com/c/en/us/td/docs/security/asa/asa84/configuration/guide/asa_84_cli_config/vpn_site2site.html#wp1042828

 

I'd suggest upgrading your ASA, your hardware supports up to version 9.14

Upgrade path:-

https://www.cisco.com/c/en/us/td/docs/security/asa/upgrade/asa-upgrade/planning.html#ID-2152-0000000a

Go to solution
camty81
Level 1
Level 1
In response to Rob Ingram

‎03-10-2021 02:27 AM

Hi @Rob Ingram 

 

Thank you for the feedback and suggestion.

0 Helpful

Go to solution
Sheraz.Salim
VIP
VIP

‎03-09-2021 01:05 AM

upgrade to 9.8.4 we recentely upgrade to 9.14 had issue and TAC recommand to use 9.8.4 as it a gold star release.

please do not forget to rate.
Customers Also Viewed These Support Documents