Home
Help
Search
Login
Register
OPNsense Forum
»
English Forums
»
Virtual private networks
»
PRF - Phase 1
« previous
next »
Print
Pages: [
1
]
Author
Topic: PRF - Phase 1 (Read 1637 times)
spetrillo
Hero Member
Posts: 721
Karma: 8
PRF - Phase 1
«
on:
August 10, 2022, 04:11:20 am »
Hello all,
New to IPSec VPNs and trying to setup a S2S VPN from my OPNsense device to a Cisco ASA on the other side. The network engineer handling the Cisco side says I am missing PRF in phase 1, but I do not see any option for PRF. Can you point me in the right direction?
Thanks,
Steve
Logged
nzkiwi68
Full Member
Posts: 182
Karma: 20
Re: PRF - Phase 1
«
Reply #1 on:
August 11, 2022, 04:35:19 am »
PRF stands for
Pseudo-Random Function
In this case, make sure your
Hash algorithm
agrees with the Cisco ASA.
I have seen it whereby the hashing and PRF are set differently, we can't do that in OPNsense and it shouldn't really be needed anyway. So, we can't set a PRF, it's likely that OPNsense just uses whatever you set as the Hash algorithm as the PRF.
Tell them your PRF is SHA256.
Logged
spetrillo
Hero Member
Posts: 721
Karma: 8
Re: PRF - Phase 1
«
Reply #2 on:
August 11, 2022, 04:37:49 am »
What configuration option do I set?
Logged
nzkiwi68
Full Member
Posts: 182
Karma: 20
Re: PRF - Phase 1
«
Reply #3 on:
August 15, 2022, 01:09:13 am »
You can't set a PRF, only a phase 1 hashing algorithm, which, will also be the PRF
Logged
spetrillo
Hero Member
Posts: 721
Karma: 8
Re: PRF - Phase 1
«
Reply #4 on:
August 19, 2022, 03:03:58 pm »
Got it...thanks!
Logged
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
English Forums
»
Virtual private networks
»
PRF - Phase 1