Cisco Security :: Encryption Option For AES256-CTR
Aug 1, 2011Does there are plans to include support AES256-CTR (vice AES256-CBC) in IOS code?
View 2 Replies
ADVERTISEMENT
Cisco VPN :: AES256 VPN Encryption Method
Dec 21, 2012I've some VPN encryption method questions.Is it recommended to use different encryption algorithms for both VPN phases (phase 1 and phase 2)?I’ve read once that it is much secure to use different encryption algorithms for each phase.In my opinion, I would go for the AES256 algorithm in both phases. But maybe it is a better idea to use AES128 or AES192 in the first phase and AES-256 in the second phase… I don't know.After saying this, I’m also wondering about the best VPN encryption setup for a site-to-site VPN (IKEv2) when using a Cisco ASA like the 5510, 5520 or the 5515.Which encryption method is recommended for phase 1 and phase 2Which PFS / DH-group should be used (considering CPU load and security)
View 2 Replies View RelatedCisco VPN :: AES256 / 3 DMVPN Tunnel With Different Encryption To The Same Destination?
Apr 25, 2013i have a general Question regarding buildings SA´s between two peers.Can I establish more than one SA between two Peers with the same IP Address?Actually I have 3 DMVPN´s running in parallel in different VRF´s using the same SA.They have all the same IPSEC encryption AES256.Now I need to reduce the encryption to 3DES in one of the three DMVPN´s.Is that possible or do I need a differnet IP Address so that the SA Pair is unique?Thats how I stared, with a Phase 2 failure that it is not acceptable.
crypto keyring preshared
pre-shared-key address x.x.x.x key ....ncvnbxcnbLsaYiKtxc4ex4U99Tn...
pre-shared-key address x.x.x.x key ....qerqwerJLsaYiKtxc4ex4U99Tn...
pre-shared-key address 0.0.0.0 0.0.0.0 key ....JLsaYiKtxewrc4ex4U99Tn...
[code]....
Cisco Security :: Wap 4410N Implementation Of Encryption Wep
Jun 2, 2011How does the implementation of encryption wep wpa etc in hardware cisco wap4410N ?
View 1 Replies View RelatedWNR2000 Only Connects To Internet When There's No Security Encryption
Apr 12, 2011I bought the Netgear N300 WNR2000v2 today for my laptop (ACER Aspire 5552). Installation was fine but when in try to connect to the router i get a message "Windows was unable to connect to 'SSID Name'. However when i go into routerlogin.net and change the security options to 'None' i get connected to the internet no problem.
View 4 Replies View RelatedFind DSL Wireless Security Password / Encryption Key
Mar 3, 2013How do I find my dsl wireless security?
View 1 Replies View RelatedCisco Security :: 3750 Layer 2 Encryption Over Gigabit Ethernet
Feb 28, 2008We are looking for a solution to avoid VPNs to encrypt data between HQ and Bldgs (point-to-multipoint) Gigabit fiber(untrusted media).Is there any cisco's product providing layer2 encryption over Giga fiber?The HQ has a 6509s and remote bldgs have mixed of 3750s,4500s in trunks.
View 2 Replies View RelatedCisco Security :: ACS 4.2 Any Option To Tackle Encrypted Password
Mar 28, 2011Our campus using WisM (WS-SVC-WISM-1-K9) as wireless controller , Cisco 1130 access point and Cisco Secure ACS 4.2 Solution Engine 1113 Appliance as radius server. For username and password, ACS will export the data from Oracle database (production DB). The problem that we are facing right now is password that store in oracle database is in encrypted format. Base feedback from our database administrator, the encryption is done by oracle - application layer and cannot be decrypt back. In Oracle they call it "Oracle Stored Procedures"
My questions :
1- Can Cisco Secure ACS 4.2 work with Oracle 10G or 11G?
2- Is there any option to tackle the encrypted password? Can ACS handle the "Oracle Stored Procedures" function?
Cisco Security :: ASA 5510 Object-group And Range Option
Feb 6, 2013I have 3 ASA 5510s; two of which are in production and the 3rd one is new. I inherited the two in production and was trying to configure that 3rd one using some of the existing object-group network statements. The problem is that when I try to create a range of IPs in one of the object-groups; the range command is not available. Here is one of the statements extracted from one of the production ASAs: object network REMOTE range 62.77.130.14 62.77.130.208.Both ASAs have the same image ver (asa842-k8). Is there something that I am missing to be able to enable the range option on the new ASA?
View 2 Replies View RelatedCisco WAN :: 3900 ISR G2 AES256 Support In Hardware?
Jan 29, 2011The datasheets indicate that the 39xx series ISR G2 routers support AES, but they don't indicate if they handle both AES128 and AES256 in hardware. Via our account manager, we've heard that they only support AES128 in hardware, but not AES256. Given there's no equivalent of an AIM-VPN/SSL-3 module for a 39xx router, this could be a problem for a deployment we're looking at doing.
I can find no document anywhere on cisco.com that confirms that AES256 specifically is supported IN HARDWARE on, say, a 3945E router.
And, if it is supported, are there any performance numbers available for throughput? We're trying to find out if a 3945E is appropriate, or if we need to go with a 7206VXR w/NPE-G2 and VAM2+ module.
Cisco Security :: 3560 - Configure Encryption With MACsec Switch To Switch?
Jun 28, 2012I have a problem, i would like todo MACSEC betwwen two switches cisco catalyst 3560-x but I know that for this operation i needed ACS server 5.1 is it possible to encryp dataflow without ACS server and if you have the configuration
View 7 Replies View RelatedFind My Wep Encryption Key?
Jul 28, 2012Where can i find my wep encryption key?
View 1 Replies View Related64 And 128 Encryption Key On Same Router?
Nov 30, 2012Is it possible to have a 64 bit and 128 bit encryption key activated on the same router at the same time - one for laptop and one for wireless printer
View 1 Replies View RelatedLocate My Encryption Key?
Jun 23, 2012I need to locate my encryption key.
View 1 Replies View RelatedCisco :: Encryption Method On ISAKMP
Feb 3, 2012Is 3DES on ISAKMP considered to be secured for your average site (other options are AES/DES)? I'd imagine AES should be much stronger but what about DES, is that considered adequate or broken? Is there any proof of concept attack against 3DES on ISAKMP (or ISAKMP in general)?
View 2 Replies View RelatedCisco :: Why 2 Encryption Keys For IPSEC VPN
Oct 7, 2011how IPSEC VPN works but i hit a stumbling block understanding symmetric encryption keys.Here is my understanding about the process
1.Peers will negotiate plocies
2.Authenticate using pre-shared or certificates
3.Exchange DH Public Keys
4.Using Public keys encrypt symmetric key and exchange the same key which will be useful for communication
5.maintain sessions
But when we are configuring we will define encryption keys in isakmp phase and ipsec transform set ,i thought we will use the same encryption key for both management and data communication in fact i thought management phase is to give us a securely exchanged encryption key for the data tunnel.But we can use 2 different encryption keys in 2 phase i am bit confused.
Cisco :: 5508 Controller & AES Encryption?
Oct 2, 2012A wlan on my controller is configured for WPA2, AES encryption and a PSK. A vendor will supply me with a wireless device for this wlan. The vendor asks if we use AES 128 or AES 256. I had always believed we use AES256 but I can't verify this. How can I verify this to the vendor?
View 1 Replies View RelatedCisco VPN :: 877 Encryption Not Working On PPTP VPN
Jul 2, 2011I have a Cisco 877 router and I configured it to act as a VPN server, supporting both PPTP and L2TP VPNs. I can succesfully connect to it from Windows computers using the built-in VPN software.There is only one problem: when using a PPTP VPN, encryption doesn't work. If I configure the client to require encryption (default setting), the connection fails with an error about the remote endpoint not supporting it. If I remove the encryption requirement, the connection succeeds. I've also tried tweaking the encryption settings (40/128 bits), but this didn't work either. [code]
The router's IOS version is 15, and it fully supports encryption. The strangest thing is, encryption is actually required in the router config; but not only the router doesn't seem to offer it... it also accepts unencrypted connections, which it shouldn't. It's like the ppp encrypt mppe auto required command is completely ignored.
Cisco :: WLC5508 / Display WPA Or WEP Encryption Key?
Sep 13, 2012the guy who set the key for WPA-PSK and another one for WEP left... Anyway we can figure out what the key was?
View 5 Replies View RelatedCisco :: Aironet 1252 AES Encryption?
Dec 5, 2012I have two cisco airenet 1252 autonamous access point that are configured as point to point bridge. Now I want to confiure AES encryption or WPA2 using a pre-shared key however I do not see the option to do this . The only option I see under ciphers are:
wep 128
wep 40
TKIP
[Code].....
Is it possible to use either AES or WPA2 using a pre-shared key on the 1252 autonamous access point? preferably using the web interface.
Cisco :: Encryption Algorithm In ST 40 / ASR 5000?
Mar 14, 2011Due to network security audit we are interesded in encryption algorithm used for authentication of administrator and operators in Starent Networks ST40 Intelligent Mobile Gateway. To be more clearly, we need to know what type of hash is used for password storing when "showsecrets" command is omitted.
View 2 Replies View RelatedCisco VPN :: VPDN On 877 Authentication And Encryption
Jun 29, 2011I have a Cisco 877 router at home, and I'm trying to configure it to act as a VPN server in order to be able to connect to my home network when I'm outside; I want it to work with standard Microsoft VPN client software (which supports PPTP and L2TP).
This is the output of the "show version" command:
Cisco IOS Software, C870 Software (C870-ADVIPSERVICESK9-M), Version 15.0(1)M, RELEASE SOFTWARE (fc2)Technical Support: [URL] Copyright (c) 1986-2009 by Cisco Systems, Inc.Compiled Wed 30-Sep-09 08:42 by prod_rel_team
ROM: System Bootstrap, Version 12.3(8r)YI6, RELEASE SOFTWARE
The router has quite a basic setup: a single username with privilege level 15, a single VLAN comprising all four Ethernet ports, an ADSL connection to my ISP, an internal IP address of 192.168.42.1/24, an external IP address assigned by my ISP, NAT enabled.
This is my current configuration (stripped of non-relevant or private information):
service password-encryption
aaa new-model
aaa authentication login default local aaa authorization console aaa authorization exec default local
aaa session-id common
[Code]...
To Configure IPSEC Encryption
Jun 20, 2011I have 2 Cisco 2811 routers that are installed in different locations. I set up a tunnel connection between the two routers.
[code]...
How To Change Encryption Password
Dec 3, 2012I want to change my encrytion password-How do I do it?
View 2 Replies View RelatedHow To Find Encryption Key For Linksys WEP
Dec 10, 2011I have laptop, mac and xbox 360 all working, just got ps3 and cannot connect it, cannot find wep key for wifi 12 hours plus trying to get this done.
View 2 Replies View RelatedHow To Change An Encryption Password
Dec 26, 2012How do I change my wi-fi password?
View 2 Replies View RelatedFind Wireless Encryption Key On A Cisco E3000?
Feb 3, 2012attempting to connect a blu-ray player and it asks for encryption key for the network.
View 1 Replies View RelatedCisco Wireless :: 1524PS And 1552E/EU - Having WEP Encryption?
Apr 25, 2013I can't find information about two features in 1524PS and 1552E/EU:
1. Does it have WEP encryption ?
2. Does it have SNMPv3 protocol for monitoring and remote managing ?
I guess, that software is similar in both, so answer will be the same in 1524PS and 1552E/EU.
How to confirm this features in 1524PS ?
Cisco Application :: CAT 6509E - ACE End To End Encryption With IDSM
Aug 16, 2011We want to provide an end to encryption service using an ACE02 in a CAT 6509E. This is covered in the ACE config guide so should be OK. The issue is that we want to include traffic inspection using an IDSM2 so we need to seperate the decrypt and encryption stages and send cleartext traffic to the IDMS2. The Security and Virtualization in the Data Center pdf page 18/19 suggests that it might be possible. The design depicted there though is only doing SSL termination, then sending the clear text onto a WAF, and onto IPS but it does say end-to-end encryption is also possible.So in essence what we want to do is have traffic from clients destined for the server farm decrypted by the ACE and sent to the IDS. We then want the traffic to return from the IDS to the ACE to be encrypted and sent onto the server farm.
View 1 Replies View RelatedCisco VPN :: IPsec Encryption Proposal 5505
Dec 14, 2012I would like to know if I have only using IKEV2 to connect site to site VPN with Cisco 5505 device to connect few site. Which encryption method is better to choose with faster and stable IPsec encryption proposal,AES256, AES192, AES, 3DES, DES ?? which one is the best in IKEV2 site to site VPN tunnel?
View 4 Replies View RelatedCisco VPN :: 8.21 / Packets Dropped At Encryption Stage?
Apr 27, 2013I am truly struggling with the changes after 8.21. I am trying to get a VPN up between two sites. This is the B end, I am sure there are a bunch of problems in the other end too. Eg. the tunnel NAT does not have the right priority 1.when I establish the tunnel I get this:
3 Sep 01 2008 11:23:37 Tunnel Manager has failed to establish an L2L SA. All configured IKE versions failed to establish the tunnel. Map Tag= outside_map. Map Sequence Number = 1.
# packet-tracer input inside tcp 10.2.32.11 80 10.1.1.10 80
Phase: 1
Type: ACCESS-LIST
Subtype:
[code]....
Cisco VPN :: ASA 8.0 / VPN Remote-access Without Encryption And Hashing?
May 29, 2012I am trying to setup a remote-access vpn (client device is an iphone or PC) on asa 8.0 with a transform-set without encryption and without hashing ( crypto ipsec transform-set noenc esp-null esp-none ). In this scenario, it does not work and all gives me "phase 2 mismatch" ...below is the debug of isakmp and ipsec.
i tried to change the transform set by using hashing without encryption (crypto ipsec transform-set myset esp-null esp-sha-hmac). it worked on the PC but not the iphone. my target is for the iphone to work.
ciscoasa# sh cryciscoasa# sh crypto isa sa
There are no isakmp sasciscoasa# ter monciscoasa# May 29 23:33:44 [IKEv1]: IP = 91.232.100.3, IKE_DECODE RECEIVED Message (msgid=0) with payloads : HDR + SA (1) + KE (4) + NONCE (10) + ID (5) + VENDOR (13) + VENDOR (13) + VENDOR (13) + VENDOR (13) + VENDOR (13) + VENDOR (13) + VENDOR (13) + VENDOR (13) + VENDOR (13) + VENDOR (13) + VENDOR (13) + VENDOR (13) + VENDOR (13) + NONE (0) total length : 741May 29 23:33:44 [IKEv1 DEBUG]: IP = 91.232.100.3, processing SA payloadMay 29 23:33:44 [IKEv1 DEBUG]: IP = 91.232.100.3, processing ke payloadMay 29 23:33:44 [IKEv1 DEBUG]: IP = 91.232.100.3, processing ISA_KE payloadMay 29 23:33:44 [IKEv1 DEBUG]: IP = 91.232.100.3, processing nonce payloadMay 29 23:33:44 [IKEv1 DEBUG]: IP = 91.232.100.3, processing ID payloadMay 29 23:33:44 [IKEv1
[code]....
Cisco Firewall :: No Available Encryption Algorithms In ASA 5510?
Oct 22, 2012I have a cisco asa 5510 running ver 8.02, when i navigate to "remote access vpn-> advanced->ssl settings" i could not see any available algorithms under encryption section. How can i add the encryption algorithm in? I need the encryption algorithm as i want to enable ssl authentication using cert on my asa interface.
View 2 Replies View Related