Document for SF VPN to Cisco ASA leaves out some information

Reference article: Sophos Firewall: Set up IPSec between the firewall and Cisco ASA

The article doesn't describe how to setup the profile as compared to what Cisco shows in their product.

For example, this policy

crypto ikev2 policy 1
encryption aes-256
integrity sha
group 5 2
prf sha
lifetime seconds 86400

And this proposal

crypto ipsec ikev2 ipsec-proposal AES256
protocol esp encryption aes-256
protocol esp integrity sha-1 md5

Maybe this will be appropriate to match what's in the ASA?

We will deploy and hope it works.

An update to the document on how to help us Sophos Firewall Architects understand how to connect with an ASA would be very helpful.

Thank you

DavidSain

Parents

Rodim Suarez over 2 years ago

Hi DavidSain,

Thank you for your feedback. We will look into this and update the KB article accordingly.
- Cancel
- Vote Up 0 Vote Down
- More
- Cancel

Comment

Rodim Suarez over 2 years ago

Hi DavidSain,

Thank you for your feedback. We will look into this and update the KB article accordingly.
- Cancel
- Vote Up 0 Vote Down
- More
- Cancel

Children

No Data