64 characters, 6 minimum characters, at least 4 different characters -GS
-----Original Message----- From: Mailing list for discussion of Firewall-1 [mailto:[EMAIL PROTECTED] On Behalf Of Mark Senior Sent: Thursday, May 24, 2007 4:02 PM To: [email protected] Subject: Re: [FW-1] VPN/PSK length That's a 2048 bit DH group, not a preshared key. The PSK is hashed along with a nonce, using either MD5 (128 bit hash) or SHA1 (160 bit hash). So, the actual data that is compared is either 128 or 160 bits. The PSK itself is not limited by any facet if the IKE standard, just by implementation, since it will always be hashed up or down to 128 or 160 bits. All that, and I'm afraid I don't know what the max PSK length supported by NGX is. Regards Mark On 5/24/07, cisco4ng wrote: > yes, > > for NGx, it is DH-Group14 which is 2048 bits. > > "Robers, Tom" wrote: Hi all, > > Does anyone know the maximum length for a PSK; we want to configure a > VPN with an external gateway using pre-shared secret. > > Thanks > Tom > > ================================================= > To set vacation, Out-Of-Office, or away messages, > send an email to [EMAIL PROTECTED] > in the BODY of the email add: > set fw-1-mailinglist nomail > ================================================= > To unsubscribe from this mailing list, > please see the instructions at > http://www.checkpoint.com/services/mailing.html > ================================================= > If you have any questions on how to change your > subscription options, email > [EMAIL PROTECTED] > ================================================= > > > > --------------------------------- > Get the free Yahoo! toolbar and rest assured with the added security of spyware protection. > > ================================================= > To set vacation, Out-Of-Office, or away messages, > send an email to [EMAIL PROTECTED] > in the BODY of the email add: > set fw-1-mailinglist nomail > ================================================= > To unsubscribe from this mailing list, > please see the instructions at > http://www.checkpoint.com/services/mailing.html > ================================================= > If you have any questions on how to change your > subscription options, email > [EMAIL PROTECTED] > ================================================= > ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] ================================================= ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] =================================================
