This article describes the issue of the SRX device, which has configured VPN with SHA2 in the IPsec proposal, being unable to decrypt the encrypted traffic; even though it has established the VPN tunnel. Junos and SSG have two generations of SHA2-256 algorithms; the first one uses the 96 bit-length data field and the second one uses the 128 bit-length data field. Due to … [Read more...]