<?xml version="1.0" encoding="UTF-8"?>
<rss xmlns:content="http://purl.org/rss/1.0/modules/content/" xmlns:dc="http://purl.org/dc/elements/1.1/" xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#" xmlns:taxo="http://purl.org/rss/1.0/modules/taxonomy/" version="2.0">
  <channel>
    <title>topic DH group 15 not supported in phase 1 with IKE v1? in General Topics</title>
    <link>https://live.paloaltonetworks.com/t5/general-topics/dh-group-15-not-supported-in-phase-1-with-ike-v1/m-p/568659#M114742</link>
    <description>&lt;P&gt;I need to migrate an old firewall to a PA-440 and came across an ancient IPsec where they have used DH group 15 for both phase 1 and 2. According to the docs for PanOS 10.2 DH 15 is now supported but the 440 whines about DH15 in phase 1 as I use IKE v1. DH15 in phase 2 seems OK. (Note: The cryptos are from the original setup, will change to more secure settings after migrating, also dependent on "the other side"...)&lt;/P&gt;
&lt;P&gt;&amp;nbsp;&lt;/P&gt;
&lt;P&gt;Message is:&lt;/P&gt;
&lt;P&gt;Not support: group 15 is selected in [name of IKE crypto suite] which is attached to IKEv1 gateway [name of IKE GW](Module: ikemgr)&lt;/P&gt;
&lt;P&gt;client ikemge phase 1 failure&lt;/P&gt;
&lt;P&gt;Commit failed&lt;/P&gt;
&lt;P&gt;&amp;nbsp;&lt;/P&gt;
&lt;P&gt;Does anyone know why DH15 cannot be used and if there are plans to support it in IKE v1? It seems to me that the reason for adding DH15 etc. would be to have support for less secure algos during migration from older hardware and this often includes now obsolete setups like IKE v1.&lt;/P&gt;
&lt;P&gt;&amp;nbsp;&lt;/P&gt;
&lt;P&gt;Link to page stating support for DH15:&lt;/P&gt;
&lt;P&gt;&lt;A href="https://docs.paloaltonetworks.com/compatibility-matrix/supported-cipher-suites/cipher-suites-supported-in-pan-os-10-2/cipher-suites-supported-in-pan-os-10-2-ike-web-certs" target="_blank"&gt;https://docs.paloaltonetworks.com/compatibility-matrix/supported-cipher-suites/cipher-suites-supported-in-pan-os-10-2/cipher-suites-supported-in-pan-os-10-2-ike-web-certs&lt;/A&gt;&lt;/P&gt;</description>
    <pubDate>Wed, 06 Dec 2023 10:22:55 GMT</pubDate>
    <dc:creator>FredrikBjork</dc:creator>
    <dc:date>2023-12-06T10:22:55Z</dc:date>
    <item>
      <title>DH group 15 not supported in phase 1 with IKE v1?</title>
      <link>https://live.paloaltonetworks.com/t5/general-topics/dh-group-15-not-supported-in-phase-1-with-ike-v1/m-p/568659#M114742</link>
      <description>&lt;P&gt;I need to migrate an old firewall to a PA-440 and came across an ancient IPsec where they have used DH group 15 for both phase 1 and 2. According to the docs for PanOS 10.2 DH 15 is now supported but the 440 whines about DH15 in phase 1 as I use IKE v1. DH15 in phase 2 seems OK. (Note: The cryptos are from the original setup, will change to more secure settings after migrating, also dependent on "the other side"...)&lt;/P&gt;
&lt;P&gt;&amp;nbsp;&lt;/P&gt;
&lt;P&gt;Message is:&lt;/P&gt;
&lt;P&gt;Not support: group 15 is selected in [name of IKE crypto suite] which is attached to IKEv1 gateway [name of IKE GW](Module: ikemgr)&lt;/P&gt;
&lt;P&gt;client ikemge phase 1 failure&lt;/P&gt;
&lt;P&gt;Commit failed&lt;/P&gt;
&lt;P&gt;&amp;nbsp;&lt;/P&gt;
&lt;P&gt;Does anyone know why DH15 cannot be used and if there are plans to support it in IKE v1? It seems to me that the reason for adding DH15 etc. would be to have support for less secure algos during migration from older hardware and this often includes now obsolete setups like IKE v1.&lt;/P&gt;
&lt;P&gt;&amp;nbsp;&lt;/P&gt;
&lt;P&gt;Link to page stating support for DH15:&lt;/P&gt;
&lt;P&gt;&lt;A href="https://docs.paloaltonetworks.com/compatibility-matrix/supported-cipher-suites/cipher-suites-supported-in-pan-os-10-2/cipher-suites-supported-in-pan-os-10-2-ike-web-certs" target="_blank"&gt;https://docs.paloaltonetworks.com/compatibility-matrix/supported-cipher-suites/cipher-suites-supported-in-pan-os-10-2/cipher-suites-supported-in-pan-os-10-2-ike-web-certs&lt;/A&gt;&lt;/P&gt;</description>
      <pubDate>Wed, 06 Dec 2023 10:22:55 GMT</pubDate>
      <guid>https://live.paloaltonetworks.com/t5/general-topics/dh-group-15-not-supported-in-phase-1-with-ike-v1/m-p/568659#M114742</guid>
      <dc:creator>FredrikBjork</dc:creator>
      <dc:date>2023-12-06T10:22:55Z</dc:date>
    </item>
    <item>
      <title>Re: DH group 15 not supported in phase 1 with IKE v1?</title>
      <link>https://live.paloaltonetworks.com/t5/general-topics/dh-group-15-not-supported-in-phase-1-with-ike-v1/m-p/569573#M114865</link>
      <description>&lt;P&gt;Good Day&lt;/P&gt;
&lt;P&gt;&amp;nbsp;&lt;/P&gt;
&lt;P&gt;The LiveCommunity may not work for PANW itself, so we cannot comment about if a feature/version will be supported.&lt;/P&gt;
&lt;P&gt;But, knowing that IKEv1 is about 20 years old, I am curious why you wouldn't take the higher ground and get both sides to work with IKEv2, which is a longer/stronger DH key pair size.&amp;nbsp; &lt;BR /&gt;&lt;BR /&gt;Again, just a suggestion.&amp;nbsp; &lt;BR /&gt;&lt;BR /&gt;What other questions can we answer?&lt;/P&gt;</description>
      <pubDate>Wed, 13 Dec 2023 01:40:51 GMT</pubDate>
      <guid>https://live.paloaltonetworks.com/t5/general-topics/dh-group-15-not-supported-in-phase-1-with-ike-v1/m-p/569573#M114865</guid>
      <dc:creator>S.Cantwell</dc:creator>
      <dc:date>2023-12-13T01:40:51Z</dc:date>
    </item>
    <item>
      <title>Re: DH group 15 not supported in phase 1 with IKE v1?</title>
      <link>https://live.paloaltonetworks.com/t5/general-topics/dh-group-15-not-supported-in-phase-1-with-ike-v1/m-p/569654#M114870</link>
      <description>&lt;P&gt;Sure, the community is the community, not PaloAlto itself. On the other hand, I think lots of people here stumble upon quirks like this on a daily basis so my intention was to see if someone else had had the same experience and perhaps even had come up with an explanation. After all, the docs state that DH15 is supported, and no exemptions are mentioned. That's what annoys me &lt;span class="lia-unicode-emoji" title=":slightly_smiling_face:"&gt;🙂&lt;/span&gt;&lt;/P&gt;
&lt;P&gt;&amp;nbsp;&lt;/P&gt;
&lt;P&gt;I do agree (as I wrote initially) that DH15 (and IKEv1) would only be used in the migration phase and moving to IKEv2 with more secure cryptos is the goal. As I indicated, the other side of the tunnel is not under my control, but I have already suggested that persons responsible for this firewall contact "the other side" to come up with a better config. As it is so simple in the PA to allow multiple cryptos, I can allow lots of them and the opposing side can choose whatever they like and are capable of. Customers are often hesitant to change too many things before a migration or firewall swap so the workflow tends to be "swap gear first, fix config later". That's why I was so happy when I saw DH15 being supported in 10.2, but...&lt;/P&gt;
&lt;P&gt;&amp;nbsp;&lt;/P&gt;
&lt;P&gt;Thank you for your reply! Let's continue keeping the bad guys out!&lt;/P&gt;</description>
      <pubDate>Wed, 13 Dec 2023 08:43:34 GMT</pubDate>
      <guid>https://live.paloaltonetworks.com/t5/general-topics/dh-group-15-not-supported-in-phase-1-with-ike-v1/m-p/569654#M114870</guid>
      <dc:creator>FredrikBjork</dc:creator>
      <dc:date>2023-12-13T08:43:34Z</dc:date>
    </item>
  </channel>
</rss>