Filter
Top Products
25-15
User Guide for Cisco Security Manager 4.4
OL-28826-01
Chapter 25 Configuring IKE and IPsec Policies
Understanding IKE
Encryption Algorithm The encryption algorithm used to establish the Phase 1 SA for
protecting Phase 2 negotiations. Click Select and select all of the
algorithms that you want to allow in the VPN:
• AES-GCM-256—Encrypts according to the Advanced Encryption
Standard in Galois/Counter Mode using 256-bit keys. (ASA 5580
and ASA 5500-X Series devices running 9.0.1+ only).
• AES-GCM-192—Encrypts according to the Advanced Encryption
Standard in Galois/Counter Mode using 192-bit keys. (ASA 5580
and ASA 5500-X Series devices running 9.0.1+ only).
• AES-GCM—Encrypts according to the Advanced Encryption
Standard in Galois/Counter Mode using 128-bit keys. (ASA 5580
and ASA 5500-X Series devices running 9.0.1+ only).
• AES-256—Encrypts according to the Advanced Encryption
Standard using 256-bit keys.
• AES-192—Encrypts according to the Advanced Encryption
Standard using 192-bit keys.
• AES—Encrypts according to the Advanced Encryption Standard
using 128-bit keys.
• 3DES—Encrypts three times using 56-bit keys. 3DES is more
secure than DES, but requires more processing for encryption and
decryption. It is less secure than AES. A 3DES license is required
to use this option.
• DES—Encrypts according to the Data Encryption Standard using
56-bit keys.
• Null—No encryption algorithm.
Table 25-2 IKEv2 Proposal Dialog Box (Continued)
Element Description