The IKE Phase 1 parameters used by the vCNS Edge include:
- Main mode
- AES/ AES 256 Preferred/ TripleDES /
- SHA-1
- MODP (DH) group 2 (MODP1024 bits)
- pre-shared secret [Configurable]
- SA lifetime of 28800 seconds (eight hours) with no kbytes rekeying
- ISAKMP aggressive mode disabled
The IKE Phase 2 parameters supported by vCNS Edge include:
-
AES/ AES 256 Preferred/ TripleDES /[Will match the Phase 1 setting]
-
SHA-1
-
ESP tunnel mode
-
MODP (DH) group 2 (MODP1024 bits)
-
Perfect forward secrecy for rekeying
-
SA lifetime of 3600 seconds (one hour) with no kbytes rekeying
-
Selectors for all IP protocols, all ports, between the two networks, using IPv4 subnets
Note: The VPN tunnel may be up but appear as down with a Red X. This is a known issue where vCloud Director interface does not regularly check for status. Toggling a setting on the edge device can resolve this issue.
Comments
0 comments
Please sign in to leave a comment.