Richard Burts Wed, 09/30/2009 - 08:45

Fastethernet

From the Command Reference for the ASA, an option for the crypto isakmp policy hashing algorithm is: sha

Specifies SHA-1 (HMAC variant) as the hash algorithm for the IKE policy.

see this link for details:

http://www.cisco.com/en/US/docs/security/asa/asa82/command/reference/c5.html#wp2228816

for encrypting traffic for IPSec there is support for AES-256:

esp-aes-256 to use AES with a 256-bit key.

see this link for details:

http://www.cisco.com/en/US/docs/security/asa/asa82/command/reference/c5.html#wp2199475

HTH

Rick

fastethernet@gm... Wed, 09/30/2009 - 13:38

Hi Rick,

Thanks for the prompt response.

I wanted to run SHA 2 (SHA-224, SHA-256, SHA-384, or SHA-512) not SHA 1. Is there any way to use this hashing algorithm on an ASA?

Cheers

Fastethernet

Richard Burts Thu, 10/01/2009 - 03:55

Fastethernet

I am not aware of any option currently available to specify SHA-2 as the hashing algorithm on the ASA and my review of the command reference does not show any option for that.

HTH

Rick

Actions

This Discussion