Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Vilius
Explorer
Jump to solution

AES-GCM support - IPsec Phase1

Hello,

Checking R80.40 or R81 VPN administration guide i only see AES-128/256 for Site-to-site IPsec Phase 1 configuration. I believe that implies CBC. How about support for AES-256GCM in Phase1? Is it possible to support it by upgrading to some specific version or by enabling support somewhere under the hood?

I am receiving requests to negotiate GCM for both phases and actually one of the S2S remote party says they are stopping CBC support for IPSec. 

 

Thanks

 

0 Kudos
1 Solution

Accepted Solutions
_Val_
Admin
Admin

At this point, we only support AES-GCM ciphers with Phase 2. If you need then with Phase 1, please open an RFE.

View solution in original post

1 Reply
_Val_
Admin
Admin

At this point, we only support AES-GCM ciphers with Phase 2. If you need then with Phase 1, please open an RFE.