VPN encryption algorithms missing Flex 200H (USG FLEX H series)

Options
SDimitri
SDimitri Posts: 6 image  Freshman Member
First Comment Friend Collector Second Anniversary
edited October 30 in USG FLEX H Series

Hello! I have a problem with encryption on my Flex 200H. In VPN setting I see des/sha1 only, everything else like sha-256, sha-384 etc i'm not see. On Flex 500 i'm decide this question with "crypto algorithm-hide disable" over ssh, but here it doesn't worked.

How i can decide my problem in new Flex 200H? Besides, on Zyxel website in demo mode of Flex 200H web gui i saw all encryption algorithms and thought that in my Flex 200H were like on demo gui.

Accepted Solution

  • Zyxel_Tina
    Zyxel_Tina Posts: 401 image  Zyxel Employee
    Zyxel Certified Network Administrator - Security Zyxel Certified Network Administrator - Switch 50 Answers First Comment
    Answer ✓

    Hi @SDimitri,

    On your USG FLEX 200H, the command crypto algorithm-hide disable is not applicable for displaying hidden VPN encryption algorithms.

    To enable all VPN encryption algorithms, including SHA-256 and SHA-384, you need to use the following commands in the firewall's CLI:

    1. Check for hidden crypto algorithms using: usgflex200h> show ipsec hidden-crypto
    2. Make these hidden algorithms visible and selectable in the VPN settings, execute: usgflex200h> cmd ipsec display hidden-crypto enable false

    After running this command, you should see the full range of encryption algorithms available in your Flex 200H's VPN settings.

    https://community.zyxel.com/en/discussion/30552/how-to-enable-hidden-crypto-algorithms-on-usg-flex-h-firewall

    Zyxel Tina

All Replies

  • Zyxel_Melen
    Zyxel_Melen Posts: 4,134 image  Zyxel Employee
    Zyxel Certified Network Engineer Level 1 - Switch Zyxel Certified Network Administrator - Switch Zyxel Certified Network Administrator - Nebula Zyxel Certified Sales Associate
    edited October 31

    Hi @SDimitri

    This issue is unusual and we need to check with our team. We will update you once we get further information.

    Zyxel Melen


  • Zyxel_Tina
    Zyxel_Tina Posts: 401 image  Zyxel Employee
    Zyxel Certified Network Administrator - Security Zyxel Certified Network Administrator - Switch 50 Answers First Comment
    Answer ✓

    Hi @SDimitri,

    On your USG FLEX 200H, the command crypto algorithm-hide disable is not applicable for displaying hidden VPN encryption algorithms.

    To enable all VPN encryption algorithms, including SHA-256 and SHA-384, you need to use the following commands in the firewall's CLI:

    1. Check for hidden crypto algorithms using: usgflex200h> show ipsec hidden-crypto
    2. Make these hidden algorithms visible and selectable in the VPN settings, execute: usgflex200h> cmd ipsec display hidden-crypto enable false

    After running this command, you should see the full range of encryption algorithms available in your Flex 200H's VPN settings.

    https://community.zyxel.com/en/discussion/30552/how-to-enable-hidden-crypto-algorithms-on-usg-flex-h-firewall

    Zyxel Tina

  • SDimitri
    SDimitri Posts: 6 image  Freshman Member
    First Comment Friend Collector Second Anniversary

    Hello @Zyxel_Tina

    Thank you so much! This instruction helped me!

    Have a nice day!

Categories

Security Help Center

EnglishTiếng ViệtРусскийไทย中文(台灣)