Hi Jeremy,
MSG5 and MSG6 are using the same algorithms. The purpose of MSG1 and MSG2 is
choose a share algorithm to be used in MSG5 and MSG6.
Maybe you got a little confused by the fact that in MSG3 and MSG4 the
parties (the routers) are choosing a shared hidden key using DH, which is
later being used to protect MSG5, MSG6 and phase2.
HTH,
Dan #13685 (RS/Sec/SP)
Troubleshooting blog: http://dans-net.com
On Mon, Mar 15, 2010 at 5:05 AM, jeremy co <jeremy.cool14_at_gmail.com> wrote:
> Hi,
>
> As I was studying IKE phase 1 Main mode (6 msg exchange) , I stumbled
> across
> how IKE Main mode msgs works.
>
> I read that it use different hash and encryption algorithms n MSG 5 & 6,
> than it negotiated in MSG 1&2 . However, we only configure one set of
> algorithms under " crypto isakmp policy" . So how the single config under
> isakmp policy lead to 2 different algorithms in msg 1&2 and MSG 5&6 of the
> IKE phase 1 Main mode ?
>
>
>
> Regards,
>
>
> Jeremy
>
>
> Blogs and organic groups at http://www.ccie.net
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
Blogs and organic groups at http://www.ccie.net
Received on Mon Mar 15 2010 - 05:24:14 ART
This archive was generated by hypermail 2.2.0 : Thu Apr 01 2010 - 07:26:35 ART