Child pages
  • How to configure nonstandard AES 192/256 for a SNMPv3 user?

Versions Compared


  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: Added information about key extension

titleAvoid compatibility problems by choosing right authentication protocol

Different key extension algorithms cause compatibility issues with AES >128 protocols. To avoid them and to ensure best security, use appropriate authentication protocols to avoid key extension at all.

That leads to the simple rule:

For AES256 use at least SHA256!

Some devices* and SNMP tools use an AES key extension algorithm implementation for 192 and 256 bit key length that was not specified in the IETF draft Instead those implementations use the key extension algorithm specified by To use the latter non-standard protocol follow the steps below: