This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Disable DH768(MODP768), Diffie-Hellman Key Exchange

Hi, 

I would like to disable the following weak IPSEC encryption DH768.

Are there any issues disabling this intraday, we are operating under covid restrictions and the firewall is managing all our remote user connectivity.

Setup is highly available in a master/slave configuration, what is the process involved with making this change.

Thank you.



This thread was automatically locked due to age.
Parents
  • FormerMember
    0 FormerMember

    Hi @Ro By,

    Thank you for reaching out to the Community! 

    Did you configure the IPSec policy with DH group 768 that is currently being used by an active IPsec connection? Did the network scan detect these DH group? 

    Please provide some more information. 

    Thanks,

Reply
  • FormerMember
    0 FormerMember

    Hi @Ro By,

    Thank you for reaching out to the Community! 

    Did you configure the IPSec policy with DH group 768 that is currently being used by an active IPsec connection? Did the network scan detect these DH group? 

    Please provide some more information. 

    Thanks,

Children