Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
carl_t
Contributor

issue with IKE weak negotiations on R80.20

Hi All

Can anyone shed any light for us, we have regular pen tests from our partner, we have a firewall that they say is responding to weak IKE transformations.

We have IKEv2 enabled on this said firewall using AES256 and SHA256 but they still say its weak.

Other firewalls are configured the same but don't have any issues.

Any ideas?

 

0 Kudos
2 Replies
PhoneBoy
Admin
Admin

Specifically, which ciphers do they claim is being offered?
0 Kudos
Timothy_Hall
Champion
Champion

The go-to SK for audit scan results is this one: sk100647: Check Point response to common false positives scanning results

Could this be what they are referring to specifically for IKE, which doesn't apply to Check Point firewalls anyway: sk134572: Check Point response to Bleichenbacher oracle cryptographic attack (IKEv1/IKEv2) 

 

Gateway Performance Optimization R81.20 Course
now available at maxpowerfirewalls.com
0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events