Starting with FortiOS 8.0, FortiGate displays only the recommended IKE proposals in the CLI by default. Previously, all IKE proposals were visible in the CLI. This steers VPN configurations toward secure, recommended cryptographic algorithms that align with security best practices.
In FortiOS 7.6, the following IKEv2 proposals are visible in the CLI:
des-md5 des-sha1 des-sha256 des-sha384 des-sha512 3des-md5 3des-sha1 3des-sha256 3des-sha384 3des-sha512 aes128-md5 aes128-sha1 aes128-sha256 aes128-sha384 aes128-sha512 aes128gcm-prfsha1 aes128gcm-prfsha256 aes128gcm-prfsha384 aes128gcm-prfsha512 aes192-md5 aes192-sha1 aes192-sha256 aes192-sha384 aes192-sha512 aes256-md5 aes256-sha1 aes256-sha256 aes256-sha384 aes256-sha512 aes256gcm-prfsha1 aes256gcm-prfsha256 aes256gcm-prfsha384 aes256gcm-prfsha512 chacha20poly1305-prfsha1 chacha20poly1305-prfsha256 chacha20poly1305-prfsha384 chacha20poly1305-prfsha512 aria128-md5 aria128-sha1 aria128-sha256 aria128-sha384 aria128-sha512 aria192-md5 aria192-sha1 aria192-sha256 aria192-sha384 aria192-sha512 aria256-md5 aria256-sha1 aria256-sha256 aria256-sha384 aria256-sha512 seed-md5 seed-sha1 seed-sha256 seed-sha384 seed-sha512
In FortiOS 8.0 and above, with IKE proposal visibility set to 'recommended' (the default), the following IKEv2 proposals are available in the CLI. The visibility is controlled by:
config system settings
    set ike-proposal-visibility {recommended | all}
end
aes128-sha256 aes128-sha384 aes128-sha512 aes128gcm-prfsha256 aes128gcm-prfsha384 aes128gcm-prfsha512 aes192-sha256 aes192-sha384 aes192-sha512 aes256-sha256 aes256-sha384 aes256-sha512 aes256gcm-prfsha256 aes256gcm-prfsha384 aes256gcm-prfsha512 chacha20poly1305-prfsha256 chacha20poly1305-prfsha384 chacha20poly1305-prfsha512
The visibility settings also modify the Diffie-Hellman groups available in the CLI to [15, 16, 17, 18, 19, 20, 21, 28, 29, 30, 31, 32].
The setting also applies in the same way to the IKEv1 proposals.
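A tunnel configured under FortiOS 7.6 may still reference proposals or DH groups that the 'recommended' view no longer shows, so it is worth auditing existing phase1 definitions against the recommended sets before or after upgrading. The following is an added example, not Fortinet code: it parses a constructed 'config vpn ipsec phase1-interface' block (the 'set proposal ...' / 'set dhgrp ...' layout is assumed to follow FortiOS CLI conventions) and reports every proposal or DH group that falls outside the recommended lists given above.

```python
"""Audit FortiGate IPsec phase1 proposals against the 'recommended' IKE set.

Added example, not Fortinet's code. The recommended proposal list and DH group
list are copied from the article; the config syntax assumed here
('set proposal ...' and 'set dhgrp ...' inside 'config vpn ipsec
phase1-interface') follows FortiOS CLI conventions, and the sample config is
constructed for this example rather than taken from a real device.
"""
import re

# IKEv2 proposals visible when ike-proposal-visibility is 'recommended'
RECOMMENDED_PROPOSALS = frozenset("""
aes128-sha256 aes128-sha384 aes128-sha512
aes128gcm-prfsha256 aes128gcm-prfsha384 aes128gcm-prfsha512
aes192-sha256 aes192-sha384 aes192-sha512
aes256-sha256 aes256-sha384 aes256-sha512
aes256gcm-prfsha256 aes256gcm-prfsha384 aes256gcm-prfsha512
chacha20poly1305-prfsha256 chacha20poly1305-prfsha384 chacha20poly1305-prfsha512
""".split())

# Diffie-Hellman groups left visible under the 'recommended' setting
RECOMMENDED_DHGRPS = frozenset({15, 16, 17, 18, 19, 20, 21, 28, 29, 30, 31, 32})

# Constructed sample config (assumed FortiOS CLI layout, not a real device dump)
SAMPLE_CONFIG = """\
config vpn ipsec phase1-interface
    edit "to-branch-legacy"
        set interface "wan1"
        set proposal 3des-sha1 aes128-sha1 aes256-sha256
        set dhgrp 5 14 19
    next
    edit "to-dc-modern"
        set interface "wan1"
        set proposal aes256gcm-prfsha384 chacha20poly1305-prfsha256
        set dhgrp 20 21
    next
end
"""


def parse_phase1(config_text):
    """Return {tunnel_name: {'proposal': [...], 'dhgrp': [...]}} from a phase1 block."""
    tunnels = {}
    current = None
    for raw in config_text.splitlines():
        line = raw.strip()
        m = re.match(r'^edit\s+"?([^"]+)"?$', line)
        if m:
            current = m.group(1)
            tunnels[current] = {"proposal": [], "dhgrp": []}
            continue
        if line == "next":
            current = None
            continue
        if current is None:
            continue
        m = re.match(r"^set\s+(proposal|dhgrp)\s+(.+)$", line)
        if m:
            tunnels[current][m.group(1)] = m.group(2).split()
    return tunnels


def audit(config_text):
    """Return, per tunnel, the proposals and DH groups that are not in the
    recommended sets (tunnels with nothing to report are omitted)."""
    findings = {}
    for name, settings in parse_phase1(config_text).items():
        bad_props = [p for p in settings["proposal"] if p not in RECOMMENDED_PROPOSALS]
        bad_dh = [g for g in settings["dhgrp"]
                  if not g.isdigit() or int(g) not in RECOMMENDED_DHGRPS]
        if bad_props or bad_dh:
            findings[name] = {"proposal": bad_props, "dhgrp": bad_dh}
    return findings


if __name__ == "__main__":
    for tunnel, issues in audit(SAMPLE_CONFIG).items():
        print(f"{tunnel}: non-recommended proposals={issues['proposal']} "
              f"dhgrp={issues['dhgrp']}")
```

Run against a real 'show vpn ipsec phase1-interface' dump, the output lists exactly the values that would disappear from the CLI under the default visibility, which is the set to renegotiate with peers before relying on the recommended view.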
SM4-SM3 algorithm support:
FortiOS 8.0 also adds support for the ShangMi SM4 encryption and SM3 hash algorithms on supported hardware and FortiGate VM models. To configure these from the CLI, set ike-proposal-visibility to 'all'.
The following FortiGate models do not support the SM4-SM3 encryption and hash algorithms:
30G 31G 40F_3G4G 40F 41F_3G4G 41F 50G_5G 50G_DSL 50G_SFP_POE 50G_SFP 50G 51G_5G 51G_SFP_POE 51G 60E_DSL 60E_DSLJ 60E_POE 60E 60F 61E 61F 70F 70G_POE_5G 70G_POE 70G 71F 71G_POE 71G 80E_POE 80E 80F_BP 80F_DSL 80F_POE
80F 81E_POE 81E 81F_POE 81F 90G 91G 100E 100EF 100F 101E 101F 120G 121G 140E_POE 140E ARM64_AWS ARM64_AZURE ARM64_GCP ARM64_KVM ARM64_OCI ARM64_XEN
Note: Currently, the non-supported models may still show the SM4 and SM3 algorithm options during IPsec tunnel creation in the GUI. However, if selected, the encryption and authentication default to AES256 and SHA256. The engineering team is aware of this issue, and a fix will be included in a future release of FortiOS 8.0.