Cisco asa 924 k8 asdm


No GCM possible there. Due to documentation it should be possible, for example  and to comply with Cisco's own security recommendations (). Looking at the ASDM screenshots the possibilities are not even the same.

Null null encryption

    FW01/pri/act(config-ikev2-policy)# encryption aes-gcm-256 aes-gcm-192 aes-gcm
    FW01/pri/act(config-ikev2-policy)# integrity ?
    ikev2-policy mode commands/options:
    FW01/pri/act(config-ikev2-policy)# integrity
    FW01/pri/act(config-ikev2-policy)# encryption aes-256
    FW01/pri/act(config)# crypto ikev2 policy 2
    FW01/pri/act(config-ikev2-policy)# encryption ?
    ikev2-policy mode commands/options:

However, if a lower encryption method is chosen, e.g. AES-256, then there are lots of possibilities.

Has anyone experienced IKEv2 configuration problems on ASA like these going higher than AES-256 encryption and sha1 integrity hashing? And have a solution maybe?

First off, I want to use DH groups other than 2 and 5; that is possible through both CLI and ASDM. If GCM type encryption is chosen through CLI in the IKEv2 policy, the only possible integrity hash value is 'null'.
