The IPSec Crypto profile is used in IKE Phase 2 to secure data within a tunnel, and
requires matching parameters between VPN peers for successful negotiation.
What Do I Need? No license required.
The IPSec Crypto profile is invoked in IKE Phase 2. It specifies
how the data is secured within the tunnel when Auto Key IKE is used to generate keys
automatically for the IKE SAs.
Whether or not your VPN peer is from the same vendor, the VPN peers must have the same IPSec parameters configured in order to perform a successful IPSec negotiation. IPSec negotiation will be successful when the following parameters match between the VPN peers:
IPSec Protocol (ESP or AH)
DH Group (or PFS) for key exchange
For example, if you've configured VPN peer 1 with
for DH group,
for authentication, and
for encryption. Then, VPN peer 2 with which
you want to establish the IPSec tunnel also should be configured exactly with the
By default, perfect forward secrecy (PFS) is enabled on IPSec tunnels to
generate a more randomized key. PFS does this by performing an additional key
exchange during IPSec SA negotiation to generate a new shared secret and combines it
into the new IPSec SA keys. When configuring PFS, ensure that both the VPN peers
have the same PFS configuration. Any failure in IPSec SA negotiation will result in
failure to establish the IPSec tunnel.
—ESP or AH—that you
want to apply to secure the data as it traverses across the
As a best practice, select ESP (Encapsulating Security Payload)
over AH (Authentication Header) because ESP offers both
confidentiality and authentication for the connection whereas AH
offers only authentication.
and select the
algorithms for ESP, and
algorithms for AH, so that the
IKE peers can negotiate the keys for the secure transfer of data across
If you aren’t certain of what the IKE peers support, add multiple
algorithms in the order of most-to-least secure as follows; the
peers negotiate the strongest supported algorithm to establish the
firewall doesn’t support this option),
PAN-OS 10.1.0 and earlier releases
support the Data Encryption Standard (DES) encryption
As a best practice, choose the strongest authentication
and encryption algorithms the peer can support. For the
authentication algorithm, use SHA-256 or higher (SHA-384
or higher preferred for long-lived transactions). Don’t
use SHA-1, MD5, or none. For the encryption algorithm,
use AES; 3DES is weak and vulnerable.
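The two rules above (peers must agree on protocol, algorithms and DH group, and when several algorithms are proposed the strongest mutually supported one is chosen from the most-to-least-secure list) are modelled in the added Python example below. It is an illustration written for this page, not Palo Alto Networks code; the `IPSecCryptoProfile` class, the `negotiate` and `audit` functions and the sample peer profiles are constructed, and the set of DH groups flagged as weak (768- and 1024-bit groups, plus disabled PFS) is an editorial assumption consistent with the page's advice to pick the highest-numbered group.

```python
from dataclasses import dataclass, field
from typing import Optional

# Algorithms the page's best-practice guidance says not to use.
WEAK_ENCRYPTION = {"des", "3des", "null"}
WEAK_AUTHENTICATION = {"md5", "sha1", "none"}
# Assumption for this example: DH groups below 2048 bits (group1 = 768 bits,
# group2 = 1024 bits) and "no-pfs" (key reuse) are treated as weak.
WEAK_DH_GROUPS = {"group1", "group2", "no-pfs"}


@dataclass
class IPSecCryptoProfile:
    """Hypothetical model of the profile fields described on the page."""
    name: str
    protocol: str                                            # "esp" or "ah"
    encryption: list[str] = field(default_factory=list)      # ESP only, strongest first
    authentication: list[str] = field(default_factory=list)  # strongest first
    dh_group: str = "group20"                                # "no-pfs" disables PFS


def _first_common(preferred: list[str], offered: list[str]) -> Optional[str]:
    """Pick the first entry of the initiator's ordered list that the peer also offers."""
    offered_set = set(offered)
    for alg in preferred:
        if alg in offered_set:
            return alg
    return None


def negotiate(initiator: IPSecCryptoProfile, responder: IPSecCryptoProfile) -> dict:
    """Return the agreed Phase 2 parameters, or raise ValueError on a mismatch.
    A mismatch means no IPSec SA is built and the tunnel does not come up."""
    if initiator.protocol != responder.protocol:
        raise ValueError(f"protocol mismatch: {initiator.protocol} vs {responder.protocol}")
    if initiator.dh_group != responder.dh_group:
        raise ValueError(f"DH group/PFS mismatch: {initiator.dh_group} vs {responder.dh_group}")

    agreed = {"protocol": initiator.protocol, "dh_group": initiator.dh_group}

    if initiator.protocol == "esp":
        enc = _first_common(initiator.encryption, responder.encryption)
        if enc is None:
            raise ValueError("no common ESP encryption algorithm")
        agreed["encryption"] = enc

    auth = _first_common(initiator.authentication, responder.authentication)
    if auth is None:
        raise ValueError("no common authentication algorithm")
    if initiator.protocol == "ah" and auth == "none":
        raise ValueError("AH requires an authentication algorithm")
    agreed["authentication"] = auth
    return agreed


def compatible(a: IPSecCryptoProfile, b: IPSecCryptoProfile) -> bool:
    """True when the two profiles would negotiate an IPSec SA."""
    try:
        negotiate(a, b)
        return True
    except ValueError:
        return False


def audit(profile: IPSecCryptoProfile) -> list[str]:
    """List best-practice warnings for a single profile."""
    warnings = []
    if profile.protocol == "ah":
        warnings.append("AH gives integrity only; prefer ESP for confidentiality too")
    for alg in profile.encryption:
        if alg in WEAK_ENCRYPTION:
            warnings.append(f"weak encryption proposed: {alg}")
    for alg in profile.authentication:
        if alg in WEAK_AUTHENTICATION:
            warnings.append(f"weak authentication proposed: {alg}")
    if profile.dh_group in WEAK_DH_GROUPS:
        warnings.append(f"weak or disabled PFS: {profile.dh_group}")
    return warnings


# Constructed sample profiles: peer A lists algorithms strongest first; peer B is a
# third-party device that lists the same algorithms in a different order.
PEER_A = IPSecCryptoProfile("hq-profile", "esp",
                            ["aes-256-gcm", "aes-128-cbc", "3des"],
                            ["sha256", "sha1"], "group20")
PEER_B = IPSecCryptoProfile("branch-profile", "esp",
                            ["3des", "aes-128-cbc"],
                            ["sha1", "sha256"], "group20")
PEER_C = IPSecCryptoProfile("mismatched", "esp", ["aes-256-gcm"], ["sha256"], "group14")

if __name__ == "__main__":
    print("agreed:", negotiate(PEER_A, PEER_B))
    print("warnings for A:", audit(PEER_A))
    print("A and C compatible:", compatible(PEER_A, PEER_C))
```

Run as a script it shows that peers A and B settle on aes-128-cbc with sha256 (the strongest entries both offer, in A's order), that A's trailing 3des and sha1 entries draw warnings even though they were never selected, and that A and C fail on the DH group alone.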
Select the DH Group to use for the IPSec SA negotiations in IKE phase 2.
, select the key strength you want to
. For the highest security, choose the
group with the highest number.
Beginning with PAN-OS 10.2.0, Diffie-Hellman (DH) groups are
If you don’t want to renew the key that the firewall creates during IKE phase
(no perfect forward secrecy); the
firewall reuses the current key for the IPSec security association (SA)
Specify the duration of the key—time and volume of traffic. Using a combination of time and traffic volume allows you to ensure safety of
or time period for which the key is valid in seconds, minutes, hours, or days (range is 3 minutes to 365 days). When the specified time expires, the firewall will renegotiate a new set of keys.
or volume of data after which the keys must be renegotiated.
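The rekey behaviour described above (a key valid for a time period within 3 minutes to 365 days, and optionally for a volume of data, with renegotiation when either bound is reached first) is shown in the added Python example below. It is an illustration for this page, not firewall code; the `IPSecSA` class, the `first_rekey` helper and the traffic patterns are constructed, and the lifetime bounds are the range stated on the page.

```python
from typing import Optional

# Lifetime range stated on the page: 3 minutes to 365 days, expressed in seconds.
MIN_LIFETIME_S = 3 * 60
MAX_LIFETIME_S = 365 * 24 * 3600


def valid_lifetime(seconds: int) -> bool:
    """True when the time lifetime falls inside the range the page gives."""
    return MIN_LIFETIME_S <= seconds <= MAX_LIFETIME_S


class IPSecSA:
    """Hypothetical model of one IPSec SA with a time and an optional data bound."""

    def __init__(self, lifetime_seconds: int, lifesize_bytes: Optional[int],
                 established_at: float) -> None:
        if not valid_lifetime(lifetime_seconds):
            raise ValueError("lifetime must be between 3 minutes and 365 days")
        self.lifetime_seconds = lifetime_seconds
        self.lifesize_bytes = lifesize_bytes      # None means no volume bound
        self.established_at = established_at
        self.bytes_protected = 0

    def record_traffic(self, nbytes: int) -> None:
        """Account for data protected under the current key."""
        self.bytes_protected += nbytes

    def rekey_reason(self, now: float) -> Optional[str]:
        """Return why the SA must be renegotiated, or None while both bounds hold.
        Whichever bound is reached first triggers the new key exchange."""
        if now - self.established_at >= self.lifetime_seconds:
            return "lifetime expired"
        if self.lifesize_bytes is not None and self.bytes_protected >= self.lifesize_bytes:
            return "lifesize reached"
        return None


def first_rekey(lifetime_s: int, lifesize_bytes: Optional[int],
                events: list) -> Optional[tuple]:
    """Replay (timestamp, bytes) events against a fresh SA established at t=0 and
    return the first (timestamp, reason) that forces a rekey, or None."""
    sa = IPSecSA(lifetime_s, lifesize_bytes, established_at=0.0)
    for ts, nbytes in events:
        sa.record_traffic(nbytes)
        reason = sa.rekey_reason(ts)
        if reason is not None:
            return ts, reason
    return None


# Constructed traffic: a bulk transfer at 10 MB/s for ten minutes, and an idle
# link sending 1 KB once a minute for an hour.
BULK = [(t, 10_000_000) for t in range(1, 601)]
IDLE = [(t, 1_000) for t in range(60, 3601, 60)]

if __name__ == "__main__":
    # With a 1-hour lifetime and a 1 GB lifesize, the bulk transfer exhausts the
    # volume bound after 100 seconds; the idle link only rekeys when the hour ends.
    print("bulk:", first_rekey(3600, 1_000_000_000, BULK))
    print("idle:", first_rekey(3600, 1_000_000_000, IDLE))
    print("idle, no lifesize:", first_rekey(3600, None, IDLE))
```

The point of combining both bounds is visible in the two traces: on a busy link the data volume, not the clock, decides how much traffic a single key protects, while on a quiet link the time bound still guarantees the key is retired.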
Commit your IPSec profile.
Attach the IPSec Profile to an IPSec tunnel configuration.
recommended set of IPSec protocol and key lifetime settings to secure data within
the IPSec tunnel between
private apps at your data center or headquarters location and
Phase 2 for the Security Association (SA)—for a service
Phase 2 for the Security Association (SA)—for a remote network
You can use the recommended settings, or customize the settings as
needed for your environment.
IPSec Crypto Profile
to define how data is
secured within the tunnel when Auto Key IKE automatically generates keys for the
IKE SAs during IKE Phase 2.
automatically configures a default IPSec crypto profile based on the Branch Device Type vendor. You can either use the default profile or create a custom profile.
—Secure the data that traverses the VPN tunnel. The Encapsulating Security Payload (ESP) protocol encrypts the data, authenticates the source, and verifies the data integrity. The Authentication Header (AH) authenticates the source and verifies the data integrity.
If you use
as the IPSec protocol, also
algorithm used in the
IPSec SA negotiation.
supports the following encryption algorithms: aes-256-gcm (256 bits), aes-256-cbc (256 bits), aes-192-cbc (192 bits), aes-128-gcm (128 bits), aes-128-cbc (128 bits), 3des (168 bits), and des (56 bits). You can also select null (no
—Specify the authentication algorithm used
in the IPSec SA negotiation.
supports the following authentication algorithms: sha1 (160 bits), sha256 (256 bits), sha384 (384 bits), sha512 (512 bits), and md5 (128 bits). If you set the IPSec Protocol to ESP, you can also select none (no
—Specify the Diffie-Hellman (DH) groups for IKE
in the IPSec security association (SA) negotiation.
supports the following DH groups: Group 1 (768 bits), Group 2 (1024 bits—default), Group 5 (1536 bits), Group 14 (2048 bits), Group 19 (256-bit elliptic curve group), and Group 20 (384-bit elliptic curve group).
For the strongest security, select the group with the highest number. If you
don’t want to renew the key that
creates during IKE phase
(no perfect forward secrecy). If you
select this option,
reuses the current key for the IPSec
—Specify the unit and amount of time during
which the negotiated key is valid (default is one hour).
—Specify the unit and amount of data that the
key can use for encryption.