On 2016-09-27, Marko Cupać <marko.cu...@mimar.rs> wrote:
> Hi,
>
> what would be the 'industry standard' for ipsec crypto transforms today?
> Should I consider my tunnel safe with hmac-sha1 / aes-128 / group 2? Or
> should I bump it all the way to hmac-sha-512 / aes-256 / group 18?
> Something in between?

I don't know about "industry standard" but for machines with AES-NI I've been using defaults for phase 1 and "quick enc aes-128-gcm group modp3072" for phase 2 recently.