09-30-2009 08:19 AM - edited 03-11-2019 09:21 AM
Hi All,
Can anyone confirm if any Cisco ASA supports the SHA-256 hashing algorithm whilst establishing a VPN tunnel?
Many thanks
Fastethernet
09-30-2009 08:45 AM
Fastethernet
From the Command Reference for the ASA, an option for the crypto isakmp policy hashing algorithm is: sha
Specifies SHA-1 (HMAC variant) as the hash algorithm for the IKE policy.
see this link for details:
http://www.cisco.com/en/US/docs/security/asa/asa82/command/reference/c5.html#wp2228816
for encrypting traffic for IPSec there is support for AES-256:
esp-aes-256 to use AES with a 256-bit key.
see this link for details:
http://www.cisco.com/en/US/docs/security/asa/asa82/command/reference/c5.html#wp2199475
HTH
Rick
09-30-2009 01:38 PM
Hi Rick,
Thanks for the prompt response.
I wanted to run SHA 2 (SHA-224, SHA-256, SHA-384, or SHA-512) not SHA 1. Is there any way to use this hashing algorithm on an ASA?
Cheers
Fastethernet
10-01-2009 03:55 AM
Fastethernet
I am not aware of any option currently available to specify SHA-2 as the hashing algorithm on the ASA and my review of the command reference does not show any option for that.
HTH
Rick
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide