Upgrading to R82 allows the use of GCM ciphers in Phase 1. If you were as excited as I, you might have tried to use them already and you might have had issues getting it to work with Palo Alto. This topic is for you!
How to define Pseudo Random Functions in the VPN community - According to this 7-year-old SK, you would assume that Check Point would send PRF-256 for AES-GCM-256 for Phase 1; this is not the case. Check Point sends PRF-384 for AES-GCM-256 in Phase 1; this is confirmed by debugs & TAC. Maybe there is a newer SK? I submitted feedback for that SK article.
Per Palo documentation - If you select an AES-GCM algorithm for encryption, you must select the Authentication setting non-auth or the commit will fail. The hash is automatically selected based on the DH Group selected. DH Group 19 and below uses sha256; DH Group 20 uses sha384.
So, for AES-GCM-256 in Phase 1 to work between Check Point and Palo Alto, you need to use at least Group 20. Group 19 and below will fail due to issues with PRF differences.
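The mismatch described in the post, modeled as a pre-change check over a tunnel inventory. This is an added example, not code from the post or from either vendor; the function names and the sample inventory are constructed, and the only vendor behaviour it encodes is what the post states (Check Point sends PRF-384 with AES-GCM-256; Palo Alto derives the hash from the DH group). The numeric transform IDs are the IANA IKEv2 registry values.

```python
# IANA IKEv2 transform IDs (public registry values)
ENCR_AES_GCM_16 = 20
PRF_HMAC_SHA2_256 = 5
PRF_HMAC_SHA2_384 = 6


def checkpoint_proposal(dh_group):
    """Check Point side per the post: AES-GCM-256 in Phase 1 is sent with PRF-384."""
    return {"encr": (ENCR_AES_GCM_16, 256), "prf": PRF_HMAC_SHA2_384, "dh": dh_group}


def paloalto_proposal(dh_group):
    """Palo Alto side per the quoted documentation: the hash follows the DH group."""
    if dh_group <= 19:
        prf = PRF_HMAC_SHA2_256
    elif dh_group == 20:
        prf = PRF_HMAC_SHA2_384
    else:
        # The post gives no mapping above group 20, so refuse to guess.
        raise ValueError(f"no PRF mapping on the page for DH group {dh_group}")
    return {"encr": (ENCR_AES_GCM_16, 256), "prf": prf, "dh": dh_group}


def mismatches(a, b):
    """Transform types on which the two proposals disagree (empty list = compatible)."""
    return [t for t in ("encr", "prf", "dh") if a[t] != b[t]]


def audit(tunnels):
    """tunnels: {name: (checkpoint_dh_group, paloalto_dh_group)} -> {name: finding}."""
    report = {}
    for name, (cp_dh, pa_dh) in tunnels.items():
        try:
            cp, pa = checkpoint_proposal(cp_dh), paloalto_proposal(pa_dh)
        except ValueError as exc:
            report[name] = f"unknown: {exc}"
            continue
        bad = mismatches(cp, pa)
        detail = ", ".join(f"{t}: CP={cp[t]} PA={pa[t]}" for t in bad)
        report[name] = "ok" if not bad else f"fail ({detail})"
    return report


# Constructed sample inventory, not taken from the post.
SAMPLE = {"branch-a": (19, 19), "branch-b": (20, 20), "branch-c": (20, 19), "branch-d": (21, 21)}

if __name__ == "__main__":
    for name, finding in audit(SAMPLE).items():
        print(name, "->", finding)
```
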