Meraki

Community

Verify SHA level

Solved
BChimp0
Here to help
‎Dec 4 2020 11:30 AM
‎Dec 4 2020 11:30 AM

Verify SHA level

Hi there,

Where can I verify that I'm using SHA256 for remote-location tunnel access?  We're using site-to-site VPN

Thanks!

Bob

0 Kudos
1 Accepted Solution
Bruce
Kind of a big deal
‎Dec 4 2020 1:40 PM
‎Dec 4 2020 1:40 PM

If you’re using a VPN tunnel to a non-Meraki client then you’d choose this under the IPSec configuration. For Phase 2 you’ll have to remove all other methods to ensure you are using SHA256.  (Note: you need MX 15.12 or later). 

For AutoVPN the white paper, https://meraki.cisco.com/lib/pdf/meraki_whitepaper_autovpn.pdf, states that it uses SHA256, but not sure how you’d verify this. Might be something support can verify, and ensure that only SHA256 is used.

View solution in original post

2 Replies 2
Bruce
Kind of a big deal
‎Dec 4 2020 1:40 PM
‎Dec 4 2020 1:40 PM

If you’re using a VPN tunnel to a non-Meraki client then you’d choose this under the IPSec configuration. For Phase 2 you’ll have to remove all other methods to ensure you are using SHA256.  (Note: you need MX 15.12 or later). 

For AutoVPN the white paper, https://meraki.cisco.com/lib/pdf/meraki_whitepaper_autovpn.pdf, states that it uses SHA256, but not sure how you’d verify this. Might be something support can verify, and ensure that only SHA256 is used.

In response to Bruce
BChimp0
Here to help
‎Dec 4 2020 2:08 PM
‎Dec 4 2020 2:08 PM

Thanks Bruce!

0 Kudos
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels
© 2024 Cisco Systems, Inc.