It seems to be that I am a little bit lost in the scrap of documentation. I am looking out for a new ASA Appliance that supports lvl 20+ Diffie Hellman. But I cannot find any documentation if there is any ASA that supports Diffie Hellman Group 20 or higher.
Does anyone have a clue regarding this?
Thanks
Your best bet (without interrogating the CLI) is to look at the release notes. You say the appliance is NEW, so I assume iOS version 9.1x.
http://www.cisco.com/c/en/us/td/docs/security/asa/asa91/release/notes/asarn91.html
When configuring for IKEv2, for security reasons you should use groups 21, 20, 19, 24, 14, and 5. We do not recommend Diffie Hellman Group1 or Group2.
So you can assume that Groups 1, 2, 5, 14, 19, 20, 21 and 24 are available.
