Meraki

Community

Auto VPN Whitepaper

Solved
MattSc
Conversationalist
‎Jan 29 2020 8:44 PM
‎Jan 29 2020 8:44 PM

Auto VPN Whitepaper

Hi,

 

I'm trying to find some clarification around a particular entry in the white paper around Auto VPN

 

1. MXs advertise their WAN IP addresses and any active NAT traversal UDP ports to the
Cisco Meraki cloud. Device-to-cloud communication is encrypted twice: once via Meraki-proprietary
encryption and again using SSL.

 

It mentions SSL is in use, is this correct? and if so which version would it happen to be using? we have been asked to clarify this in a project we are currently working on.

0 Kudos
1 Accepted Solution
PhilipDAth
Kind of a big deal
Kind of a big deal
‎Jan 29 2020 10:38 PM
‎Jan 29 2020 10:38 PM

The term SSL is used generically.  It is TLS.  It is talked about briefly here.

https://documentation.meraki.com/Architectures_and_Best_Practices/Cisco_Meraki_Best_Practice_Design/... 

 

The AutoVPN whitepaper only mentions TLS.

https://meraki.cisco.com/lib/pdf/meraki_whitepaper_autovpn.pdf 

 

 

I'm not aware of anything stating the TLS version in use.

 

I would think that as part of PCI compliance it would be mandatory to use TLSv1.2.

https://meraki.cisco.com/trust#pci 

View solution in original post

2 Replies 2
PhilipDAth
Kind of a big deal
Kind of a big deal
‎Jan 29 2020 10:38 PM
‎Jan 29 2020 10:38 PM

The term SSL is used generically.  It is TLS.  It is talked about briefly here.

https://documentation.meraki.com/Architectures_and_Best_Practices/Cisco_Meraki_Best_Practice_Design/... 

 

The AutoVPN whitepaper only mentions TLS.

https://meraki.cisco.com/lib/pdf/meraki_whitepaper_autovpn.pdf 

 

 

I'm not aware of anything stating the TLS version in use.

 

I would think that as part of PCI compliance it would be mandatory to use TLSv1.2.

https://meraki.cisco.com/trust#pci 

In response to PhilipDAth
MattSc
Conversationalist
‎Jan 30 2020 3:25 PM
‎Jan 30 2020 3:25 PM

Hi Phillip,

 

Thanks for the link to that version of the whitepaper, it seems as though i had obtained a rather old copy of the paper which is what sparked the question, appreciate the updated copy.

 

 

MattSc_0-1580426613241.png

MattSc_1-1580426672530.png

 

 

 

0 Kudos
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels
© 2024 Cisco Systems, Inc.