×

Warning message

  • Cisco Support Forums is in Read Only mode while the site is being migrated.
  • Cisco Support Forums is in Read Only mode while the site is being migrated.

Does LMS 4.0.1 Support SHA 256?

Unanswered Question
Sep 17th, 2014
User Badges:

Under LMS 4.0.1 when I look at devices under credential settings for devices SHA1 is only available. Is there an add-on that needs to be installed to support SHA 256?

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
Marvin Rhoads Wed, 09/17/2014 - 20:31
User Badges:
  • Super Silver, 17500 points or more
  • Hall of Fame,
  • Cisco Designated VIP,

    2017 Firewalling, Network Management, VPN

Where exactly do you see the SHA settings in LMS?

I can only recall using that setting on the IOS devices themselves when specifying the integrity type for IPsec VPNs or the enable secret password encryption (type 4 - implementation flawed and thus not recommended).

You can of course create cli templates and compliance checks in LMS that use those options.

douglas.mckee Thu, 09/18/2014 - 08:11
User Badges:

Under the "Inventory" tab Add/Import/Manage devices. When I select a switch to edit under credential settings the drop down box for SNMPV3 settings only has MD5 and SHA1 options available.

Marvin Rhoads Thu, 09/18/2014 - 08:46
User Badges:
  • Super Silver, 17500 points or more
  • Hall of Fame,
  • Cisco Designated VIP,

    2017 Firewalling, Network Management, VPN

That's because the only SNMP v3 authentication algorithms supported (on either IOS or NX-OS or ASA software) are MD5 and SHA1.

The SNMP v3 encryption algorithms support up to AES-256 (on NX-OS and IOS) and that is selectable in the SNMPv3 credentials settings on LMS.

That applies even on the latest updated Prime LMS Version 4.2(5).

douglas.mckee Thu, 09/18/2014 - 10:07
User Badges:

Marvin,

Thank you for the insightful information. Initially searching the web and LMS documentation didn't seem to provide any direct answers to this question.

 

Doug

 

Actions

This Discussion