08-09-2007 04:47 AM - edited 03-05-2019 05:48 PM
Hi all, when people define phase 1 and phase 2 of ipsec, what does this mean, also , why do you have different settings i.e aes,sha1 etc for isakmp and ipsec profiles, why do you need this ?
08-09-2007 10:49 AM
Phase 1 establishes a secure connection, so the random key for phase 2 can be passed. This secure connection is either based on the pre-shared key or a cert. The algorithms you choose are just to determine how to negotiate the session.
Phase 2 uses the secure key created and passed in phase one to create the tunnel to pass data.
You can specify a different encryption algorythm for your key exchange and data exchange.
IPsec, can be pretty daunting to get into. There is a lot of doc's out there both on the web and on cisco's site. I'd recommend doing some research. I've found the learning curve to be steep.
08-10-2007 07:52 AM
so is phase 1 and 2 both the intial connection to the device, or is my domain authenication phase 2? i am confused
cheers
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide