Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
937
Views
0
Helpful
3
Replies

Cisco ASA

fastethernet
Level 1
Level 1

‎09-30-2009 08:19 AM - edited ‎03-11-2019 09:21 AM

Hi All,

Can anyone confirm if any Cisco ASA supports the SHA-256 hashing algorithm whilst establishing a VPN tunnel?

Many thanks

Fastethernet

Labels:
0 Helpful
3 Replies 3

Richard Burts
Hall of Fame
Hall of Fame

‎09-30-2009 08:45 AM

Fastethernet

From the Command Reference for the ASA, an option for the crypto isakmp policy hashing algorithm is: sha

Specifies SHA-1 (HMAC variant) as the hash algorithm for the IKE policy.

see this link for details:

http://www.cisco.com/en/US/docs/security/asa/asa82/command/reference/c5.html#wp2228816

for encrypting traffic for IPSec there is support for AES-256:

esp-aes-256 to use AES with a 256-bit key.

see this link for details:

http://www.cisco.com/en/US/docs/security/asa/asa82/command/reference/c5.html#wp2199475

HTH

Rick

HTH

Rick
0 Helpful

fastethernet
Level 1
Level 1
In response to Richard Burts

‎09-30-2009 01:38 PM

Hi Rick,

Thanks for the prompt response.

I wanted to run SHA 2 (SHA-224, SHA-256, SHA-384, or SHA-512) not SHA 1. Is there any way to use this hashing algorithm on an ASA?

Cheers

Fastethernet

0 Helpful

Richard Burts
Hall of Fame
Hall of Fame
In response to fastethernet

‎10-01-2009 03:55 AM

Fastethernet

I am not aware of any option currently available to specify SHA-2 as the hashing algorithm on the ASA and my review of the command reference does not show any option for that.

HTH

Rick

HTH

Rick
0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card