Project

General

Profile

Interoperability with CISCO brand devices » History » Version 3

Noel Kuntze, 20.07.2018 13:35

1 1 Noel Kuntze
h1. Interoperability with CISCO brand devices
2 1 Noel Kuntze
3 1 Noel Kuntze
{{>toc}}
4 1 Noel Kuntze
5 1 Noel Kuntze
h2. Known Quirks
6 1 Noel Kuntze
7 1 Noel Kuntze
The following quirks are known:
8 1 Noel Kuntze
|_.Software|_.Version|_.Quirks|
9 2 Noel Kuntze
|ASDM | 7.7 | *Known problems with IKEv2*
10 2 Noel Kuntze
* configures aes192gcm16 when aes192gcm12 is shown to the user
11 1 Noel Kuntze
* configures modp2048s256 when modp2048 is shown
12 3 Noel Kuntze
* configures device to send aes192gcm16-sha256 when only aes192gcm16 is configured. The device then accepts a proposal with aes192gcm16, but drops the packets because it insists on the ICV being calculated using sha256 and not the negotiated AEAD algorithm|
13 3 Noel Kuntze
|Any | * | * IKEv2 is only supported with a single set of subnets per CHILD_SA. Thus the same workaround for IKEv1 has to be used with them. |