Junos
Highlighted
Junos

ipsec sha-256 authentication support

‎12-17-2018 02:26 AM

Any support for ipsec sha-256 authentication support on srx devices?

4 REPLIES 4
Highlighted
Junos

Re: ipsec sha-256 authentication support

‎12-17-2018 02:53 AM

As per this URL SHA-2 is supported: https://apps.juniper.net/feature-explorer/feature-info.html?fKey=287&fn=Hash%20Algorithms%20SHA-2%20...)

 

Thanks,
Nellikka
JNCIE x3 (SEC #321; SP #2839; ENT #790)
Please Mark My Solution Accepted if it Helped, Kudos are Appreciated too!!!
Highlighted
Junos
Solution
Accepted by topic author sb@fl2r.com
‎12-17-2018 03:07 AM

Re: ipsec sha-256 authentication support

‎12-17-2018 02:58 AM

root@my-srx# set security ipsec proposal TEST authentication-algorithm ?
Possible completions:
  hmac-md5-96          HMAC-MD5-96 authentication algorithm
  hmac-sha-256-128     HMAC-SHA-256-128 authentication algorithm <----------
  hmac-sha1-96         HMAC-SHA1-96 authentication algorithm

 

Thanks,
Nellikka
JNCIE x3 (SEC #321; SP #2839; ENT #790)
Please Mark My Solution Accepted if it Helped, Kudos are Appreciated too!!!
Highlighted
Junos

Re: ipsec sha-256 authentication support

‎12-17-2018 03:07 AM

So that must be interpreted as a no.

Highlighted
Junos

Re: ipsec sha-256 authentication support

‎12-17-2018 03:25 AM

SRX SHA-2 impementation is based on RFC-4868: it produces a 256-bit digest, truncated to 128 bits (half)

https://tools.ietf.org/html/rfc4868#section-2.3

 

Thanks,
Nellikka
JNCIE x3 (SEC #321; SP #2839; ENT #790)
Please Mark My Solution Accepted if it Helped, Kudos are Appreciated too!!!
Feedback