Interoperability with CISCO brand devices » History » Version 3

« Previous - Version 3/4 (diff) - Next » - Current version
Noel Kuntze, 20.07.2018 13:35

Interoperability with CISCO brand devices

Known Quirks

The following quirks are known:
Software Version Quirks
ASDM 7.7 Known problems with IKEv2
* configures aes192gcm16 when aes192gcm12 is shown to the user
* configures modp2048s256 when modp2048 is shown
* configures device to send aes192gcm16-sha256 when only aes192gcm16 is configured. The device then accepts a proposal with aes192gcm16, but drops the packets because it insists on the ICV being calculated using sha256 and not the negotiated AEAD algorithm
Any * * IKEv2 is only supported with a single set of subnets per CHILD_SA. Thus the same workaround for IKEv1 has to be used with them.