Hi Oh Gurus of Thwack!
According to: Supported algorithms and cipher for NPM and NCM for Orion SSH (solarwinds.com) (this is newest I could find. I'm using 2022.3 and going to 2022.4 soon)
KeyExchange algorithms list for Orion / NPM:
diffie-hellman-group-exchange-sha256 <-- NPM using this
diffie-hellman-group-exchange-sha1
diffie-hellman-group1-sha1
diffie-hellman-group14-sha1
ecdh-sha2-nistp256
ecdh-sha2-nistp384
My Palos are using: diffie-hellman-group-exchange-SHA-256 which is different from Orion, no?
Hmac: hmac-sha2-256 - Both Palo and NPM/Orion use this
encryption: aes256-ctr - Both Palo and NPM/Orion use this
So, the regarding the key exchange between SW and Palo, the "diffie-hellman-group-exchange-SHA-256" / "diffie-hellman-group-exchange-sha256" should work the same? But I suspect as there are text fields transmitted by the SSH negotiation, maybe diffie-hellman-group-exchange-SHA-256 is different from diffie-hellman-group-exchange-sha256 in just the name?
Also, why is there no way in Orion to specify which SSH negotiations are valid? I can't believe that all companies are OK with not being able to specify their own encrypt, hmac, and key exchange!
Regards,
Ambi
