Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Ray_Hugh
Participant

VPN encryption method

I'm not sure this is the right group, but it's the closest I can find:

Is SHA256 actually supported on R75.20?  I can see the tunnel is established using SHA256, but the traffic seems to be trying to go through with SHA1, and failing because there are no valid SAs.

0 Kudos
2 Replies
PhoneBoy
Admin
Admin

This appears to be a known bug in R75.20 per this SK: Traffic does not pass over Site-to-Site VPN tunnel when choosing SHA-256 for IKE Phase 2 negotiation 

You can try asking TAC for the appropriate hotfix, but I highly recommend upgrading to a supported release as R75.20 has been End of Support for quite some time.

Ray_Hugh
Participant

Thank you for the confirmation.  We are planning to upgrade this firewall.  Hopefully, this will give it some urgency.

0 Kudos