What Encryption Is Used When Enabling IPSec for GlobalProtect?

What Encryption Is Used When Enabling IPSec for GlobalProtect?

0
Created On 09/26/18 13:54 PM - Last Modified 07/19/22 23:11 PM


Environment


  • Any PAN-OS.
  • Palo Alto Firewall.
  • GlobalProtect configured.


Resolution


The encryption type will vary. Two methods can be used to view what encryption type was used:

  • Examine a packet capture
  • Via CLI, run the command show running tunnel flow context <#>

 

Sample output:

> show running tunnel flow context 1

key type:               auto keyip
auth algorithm:         SHA1
enc  algorithm:         AES128

 



Actions
  • Print
  • Copy Link

    https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000Cm09CAC&refURL=http%3A%2F%2Fknowledgebase.paloaltonetworks.com%2FKCSArticleDetail