Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
7218
Views
10
Helpful
6
Replies

IPSec Packet Size Calculator - SHA256 digest?

Go to solution
sebastian.lemke
Level 1
Level 1

‎09-24-2013 06:10 AM - edited ‎02-21-2020 07:11 PM

Hi,

I recently discovered the IPSec Packet Size Calculator in this forum (see attachment).

It is very helpful to calculate the overhead when using IPSec, esp. DMVPN.

Unforunately it doesn't contain options for the following hashes:

  esp-sha256-hmac  ESP transform using HMAC-SHA256 auth

  esp-sha384-hmac  ESP transform using HMAC-SHA384 auth

  esp-sha512-hmac  ESP transform using HMAC-SHA512 auth

Where can I find information about how big the digest will be when using "esp-sha256-hmac" in my transform set?

Is somebody able and willing to implement these new options in the calculator?

Thanks

Labels:
15367919-IPSec Calculator.htm.zip
1 Accepted Solution

Accepted Solutions

Go to solution
wzhang
Cisco Employee
Cisco Employee
In response to sebastian.lemke

‎03-19-2015 01:39 PM

This was just published about a week ago:

https://cway.cisco.com/tools/ipsec-overhead-calc/ipsec-overhead-calc.html

Thanks,

Wen

View solution in original post

6 Replies 6

Go to solution
sebastian.lemke
Level 1
Level 1

‎09-30-2013 03:43 AM

Hi,

can nobody give me a hint?

:-)

0 Helpful

Go to solution
ctucker1405
Level 1
Level 1
In response to sebastian.lemke

‎03-11-2014 04:51 PM

We are looking for similar information while troubleshooting what looks to be a fragmentation issue with our dmvpn ipsec solution. We have implemented AES128 and SHA256. I found the following for the lower hash/hmacs, but it stops with SHA-1. http://www.cisco.com/c/en/us/td/docs/interfaces_modules/services_modules/vspa/configuration/guide/ivmsw_book/ivmvpnb.html#wp2055737. Did you find any information? Anyone else?
0 Helpful

Go to solution
sebastian.lemke
Level 1
Level 1
In response to ctucker1405

‎03-12-2014 01:39 AM

up until now I didn't find any reliable information either.

I contacted the authour of the above html file, but there is no new version...

Would also greatly appreciate an update :-)

0 Helpful

Go to solution
wzhang
Cisco Employee
Cisco Employee
In response to sebastian.lemke

‎03-19-2015 01:39 PM

This was just published about a week ago:

https://cway.cisco.com/tools/ipsec-overhead-calc/ipsec-overhead-calc.html

Thanks,

Wen

Go to solution
sebastian.lemke
Level 1
Level 1
In response to wzhang

‎03-20-2015 01:51 AM

Thanks Wen!!

Thats exactly what I was looking for!

0 Helpful

Go to solution
wzhang
Cisco Employee
Cisco Employee
In response to sebastian.lemke

‎03-20-2015 06:08 AM

Sebastian:

 

Good to know the tool is useful to you. If you have any ideas on how it can be enhanced, provide your feedback using the feedback link, and we'll do what we can.

 

Thanks,

Wen

0 Helpful
Customers Also Viewed These Support Documents