IKE Phase1 Tidbit - HAGLE

During my time studying how the internet key exchange (IKE) phase1 process works I stumbled upon something that really hit home for me that makes it easy to remember what is needed during configuration, which is used to allow peers to negotiate security parameters to build a successful security association for the phase1 tunnel. It's simple, HAGLE.

In order to properly negotiate and agree on parameters your IKE policy needs the following:

H = hash

A = authentication

G = dh group

L = lifetime

E = encryption


HAGLE, HAGLE, HAGLE. Cheers!

0 comments

Recent Posts

See All

ASA MultiContext Mode Packet Classification Tidbit

In order to understand how traffic flows through the segregated contexts it is important to understand how the ASA determines the context in which it will send the packets. This process is known as c

ASA Security Contexts Tidbit

In this tidbit I want to explain what Cisco ASA Security Contexts are in this blog. A very plain & simple way to put it, security contexts are a way to logically divide the ASA into multiple logical

Fundamentals of PKI Tidbit

I want to touch on some of the fundamentals and standards involved with PKI to give us an overview of what things are/mean. To start let's cover what the standards are. So you have probably seen or