11-9
Cisco Router and Security Device Manager 2.5 User’s Guide
OL-4015-12
Chapter 11 Site-to-Site VPN
Create Site to Site VPN
Encryption
Cisco SDM supports a variety of encryption types, listed in order of security. The
more secure an encryption type is, the more processing time it requires.
Note • Not all routers support all encryption types. Unsupported types will not
appear in the screen.
• Not all IOS images support all the encryption types that Cisco SDM supports.
Types unsupported by the IOS image will not appear in the screen.
• If hardware encryption is turned on, only those encryption types supported by
hardware encryption will appear in the screen.
Cisco SDM supports the following types of encryption:
• DES—Data Encryption Standard. This form of encryption supports 56-bit
encryption.
• 3DES—Triple DES. This is a stronger form of encryption than DES,
supporting 168-bit encryption.
• AES-128—Advanced Encryption Standard (AES) encryption with a 128-bit
key. AES provides greater security than DES and is computationally more
efficient than 3DES.
• AES-192—AES encryption with a 192-bit key.
• AES-256—AES encryption with a 256-bit key.
Hash
The authentication algorithm to be used for the negotiation. Cisco SDM supports
the following algorithms:
• SHA_1—Secure Hash Algorithm. A hash algorithm used to authenticate
packet data.
• MD5—Message Digest 5. A hash algorithm used to authenticate packet data.