Interoperability with CISCO brand devices¶
- Table of contents
- Interoperability with CISCO brand devices
Known Quirks¶
The following quirks are known:| Software | Version | Quirks |
|---|---|---|
| ASDM | 7.7 | Known problems with IKEv2 * configures aes192gcm16 when aes192gcm12 is shown to the user * configures modp2048s256 when modp2048 is shown * configures device to send aes192gcm16-sha256 when only aes192gcm16 is configured. The device then accepts a proposal with aes192gcm16, but drops the packets because it insists on the ICV being calculated using sha256 and not the negotiated AEAD algorithm |
| Any | * | * IKEv2 is only supported with a single set of subnets per CHILD_SA. Thus the same workaround for IKEv1 has to be used with them. |
Configurations¶
For site-to-site tunnels, the aptly named configuration examples from the UsableExamples page can be used.
For roadwarrior type tunnels, it is analogous.