Firewall Wizards mailing list archives
RE: Cisco Firewall IOS question
From: Eric Vyncke <evyncke () cisco com>
Date: Wed, 07 Oct 1998 22:26:25 +0200
Ryan, See comments in-line. At 22:21 6/10/98 -0700, Ryan Russell wrote:
The Firewall IOS Feature Set Plus IPSEC 56 does in fact include encryption (56 bit IPSEC with your choice of several methods)Thanks for the info. Some of this is new since I last looked (and it wasn't all THAT long ago.) The good news is that I was wrong and you can have the FW feature set w/crypto. Either the Cisco (non-standard) crypto or IPSec flavor. It's available now as an 11.3T release. The bad news is that the names imply that it's still limited to 56-bit. Isn't there a longer bit-length that's considered mandatory for IPSec (3-DES or some such) or was that just wishful thinking on my part?
The only mandatory transform for ESP in IPSec is 56-bit DES. It is expected that IOS 12.0T will have triple DES. Hope it helps you -eric Eric Vyncke Consulting Engineer Cisco Systems Belgium SA/NV Phone: +32-2-778.4677 Fax: +32-2-778.4300 E-mail: evyncke () cisco com Mobile: +32-75-312.458
Current thread:
- Cisco Firewall IOS question Chris Hughes (Oct 05)
- Re: Cisco Firewall IOS question Leonard Miyata (Oct 05)
- <Possible follow-ups>
- Re: Cisco Firewall IOS question Ryan Russell (Oct 06)
- RE: Cisco Firewall IOS question James D. Wilson (Oct 07)
- RE: Cisco Firewall IOS question Ryan Russell (Oct 07)
- RE: Cisco Firewall IOS question Eric Vyncke (Oct 09)
- Re: Cisco Firewall IOS question Steve Bellovin (Oct 13)