SRX Services Gateway
Highlighted
SRX Services Gateway

Null in Hash Algorithm

‎01-06-2016 07:37 AM

Hi,

 

Is it possible to use as hash algorithm a value of "null" in JunOS, as in the following command of ScreenOS:

 

set ike p2-proposal "g5-esp-aes256-no_auth-900s" group5 esp aes256 null second 900

 

Cheers,

Nuno

1 REPLY 1
Highlighted
SRX Services Gateway
Solution
Accepted by topic author Nuno
‎04-16-2016 02:58 AM

Re: Null in Hash Algorithm

‎01-06-2016 08:27 AM

Hi,

 

Setting NULL encryption means actually not setting any encryption-algorithm under IPsec proposals.

 

[edit]
admin@srx2# show security ipsec proposal LAB
protocol esp;
authentication-algorithm hmac-sha1-96;
lifetime-seconds 10000;

 

 

Refer to the following link:

http://rtoodtoo.net/ipsec-null-encryption-null-authentication/

 

Note: It's not supported in FIPS mode .

Regards,
A'bed AL-R.
[JNCSP-SEC JNCDA JNCIS-ENT Ingenious Champion|Sec]
https://srxtech.wordpress.com
Feedback