Cisco Support Community
Community Member

Regarding VPN connections in PIX

In IKE Phase-1 we will share the following parameters:

1. Authentication method used to authenticate peers

2. Encryption method (DES/3DES to be used for Phase-2 data encryption)

3. Hash algorithm to be used for Phase-1 and 2

Then why is it mentioned that ESP/AH will be used for encryption and authentication in Phase-2?

Actually it should be mentioned that DES/3DES will be used by Phase-2 to encrypt the data and ESP is used to encapsulate the encrypted data. Is the meaning of ESP to encrypt the data?

4. Similarly, what is the meaning of using DH groups? We will share the DH public key during Phase-1, then what is the meaning of DH groups?

5. Does 3DES mean encrypting the data 3 times, as compared to DES, which encrypts the data once, i.e. the data is encrypted with one key, then the encrypted data is encrypted again with a second key, and then the third key is used for further encryption?


Re: Regarding VPN connections in PIX

All good questions, best answered in the original source of the whole standard, the RFC:

