[c-nsp] ASA5520 different crypt options and general tuning question?
Scott Granados
gsgranados at comcast.net
Mon Aug 10 14:20:01 EDT 2009
Hi, thanks to many on this list and the great pointers I now have a working
pair of ASA5520 devices with Cisco VPN client remote access working
correctly.
My question is a two parter. First, I see several encryption options
including 3DES, DES and various AES entries with different bit counts. I
understand generally what these different options do and what the associated
hash options are used for but is there a better crypt type and hash type for
differing jobs? When would you want to use 3DES instead of say aes-256? Is
there ever a reason you'd use MD5 instead of sha???
Secondly, are there any good general documents for performance tuning?
(maybe something that helps detail which knobs to twittle and why?) As
always, any pointers would be greatly appreciated.
Thanks
Scott
More information about the cisco-nsp
mailing list