Wireless Access

last person joined: 7 hours ago 

Access network design for branch, remote, outdoor, and campus locations with HPE Aruba Networking access points and mobility controllers.
Back to discussions
Expand all | Collapse all

which crypto settings are used for ipsec controller communication

This thread has been viewed 0 times

  • 1.  which crypto settings are used for ipsec controller communication

    Posted Sep 29, 2020 03:49 AM

    Hi,

     

    i'm trying to find out which command to use to show me which crypto settings a controller to MM ipsec communication uses...

     

    It surely will be aes256 encryption.  But which hash?  And cipher mode?



  • 2.  RE: which crypto settings are used for ipsec controller communication

    MVP
    Posted Oct 06, 2020 04:27 PM

    from MD, do mdconnect and then:

     

    [MDC] # show crypto ipsec sa peer <MM IP Address>



  • 3.  RE: which crypto settings are used for ipsec controller communication

    Posted Oct 07, 2020 08:57 AM

    Hello,

     

    is it possible to change this connection? default there is used:

     

    Phase2 Transform:Encryption Alg: AES 128 Authentication Alg: SHA1

     

    can we change the default transform sets for MD-MC connections to increase the security?

    I tried by changing this on the MD side and on MM side => by adding a IKEv2 IPSec Dynamic Map of 9999 for a new transform set which uses AES-256 but it seems it is not looking at this ?

     

    Kr,