Start learning cybersecurity with CBT Nuggets. https://courses.cbt.gg/security

In this video, Keith Barker covers the five essential items for negotiating IPsec's IKE Phase 1. The best way to make sure your sitetosite tunnels get built is to remember to HAGLE: make sure your HASH, Authentication, Group, Lifetime and Encryption are negotiated and agreed on.

If you have two internal networks that you need to talk to one another securely across the Internet via two ASAs, IPsec is a great way to implement your sitetosite tunnel.

Before the devices will establish the tunnel, you need to negotiate IPsec's IKE Phase 1. There are 5 items. To remember each step, Keith's recommended method is "HAGLE".

• H: Hashing algorithms to verify data integrity
• A: Authentication to verify one another
• G: Groups to generate secret keys
• L: Lifetime to determine how long the tunnel stands up
• E: Encryption to agree which algorithm to use

With these five items negotiated, your ASAs can stand up an IKE Phase 1 tunnel and connect your sites securely across the Internet.

Download the Free Ultimate Security Cert Guide: https://blog.cbt.gg/ex8o

⬇ 15Week Study Plan: CCNP Security Core (350701 SCOR): https://blog.cbt.gg/5r83


Start learning with CBT Nuggets:

• Intro to Networking | https://courses.cbt.gg/tuv
• CompTIA Network+ (N10007) | https://courses.cbt.gg/lvb