Table of Contents
Advertisement
Chapter 11
Site-to-Site VPN
Encryption
Note
Hash
OL-4015-12
Cisco SDM supports a variety of encryption types, listed in order of security. The
more secure an encryption type is, the more processing time it requires.
Not all routers support all encryption types. Unsupported types will not
•
appear in the screen.
Not all IOS images support all the encryption types that Cisco SDM supports.
•
Types unsupported by the IOS image will not appear in the screen.
If hardware encryption is turned on, only those encryption types supported by
•
hardware encryption will appear in the screen.
Cisco SDM supports the following types of encryption:
DES—Data Encryption Standard. This form of encryption supports 56-bit
•
encryption.
3DES—Triple DES. This is a stronger form of encryption than DES,
•
supporting 168-bit encryption.
AES-128—Advanced Encryption Standard (AES) encryption with a 128-bit
•
key. AES provides greater security than DES and is computationally more
efficient than 3DES.
AES-192—AES encryption with a 192-bit key.
•
AES-256—AES encryption with a 256-bit key.
•
The authentication algorithm to be used for the negotiation. Cisco SDM supports
the following algorithms:
•
SHA_1—Secure Hash Algorithm. A hash algorithm used to authenticate
packet data.
MD5—Message Digest 5. A hash algorithm used to authenticate packet data.
•
Cisco Router and Security Device Manager 2.5 User's Guide
Create Site to Site VPN
11-9
Advertisement
Table of Contents
Troubleshooting
