I was doing some random reading today and found a page that says the AutoVPN tunnels use AES-128 for encryption. Is that true? I tried searching it some more and nothing says what encryption level it uses.
The page I was reading is here under FAQ:
Has anyone seen anything else or know if this is true or not?
Solved! Go to solution.
The VPN tunnel is established. The Cisco Meraki cloud already knows VLAN and subnet
information for each MX, and now, the IP addresses to use for tunnel creation. The dashboard
and MXs establish two 16-character pre-shared keys (one per direction) and create a 128-
bit AES-CBC tunnel. Meraki Auto VPN leverages elements of modern IPSec (IKEv2, DiffeHellman and SHA256) to ensure tunnel confidentiality and integrity. Local subnets specified
in the dashboard by admins are exported across the VPN
meraki_whitepaper_autovpn.pdf (cisco.com)
That's what I was seeing as well. My concern is the link I shared says it's AES-128, and since we have to adhere to PCI requirements, it has to be a minimum AES-256.
The VPN tunnel is established. The Cisco Meraki cloud already knows VLAN and subnet
information for each MX, and now, the IP addresses to use for tunnel creation. The dashboard
and MXs establish two 16-character pre-shared keys (one per direction) and create a 128-
bit AES-CBC tunnel. Meraki Auto VPN leverages elements of modern IPSec (IKEv2, DiffeHellman and SHA256) to ensure tunnel confidentiality and integrity. Local subnets specified
in the dashboard by admins are exported across the VPN
meraki_whitepaper_autovpn.pdf (cisco.com)
That doc was what I needed. Thank you