515e VPN encrytion

Unanswered Question
Feb 1st, 2007


I have two VPN's running which both use des-md5 encryption. I set up a new vpn which i want to use 3des-sha. After setting this up i noticed that when I connected to the new VPN I was only getting des-md5. Is there anyway i can specify this without affecting the other VPNs?

I have posted part of the config.


J Mac

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
zulqurnain Thu, 02/01/2007 - 10:14


after looking at your config, can you tell me that when you are initiating the vpn tunnl to this second peer, where do you connect to. can you paste the output of

"sh crypto isakmp sa"

because i think your crypto map is only complete for one peer, your have multiple lines missing in your config, you have to define separatly the "set peer", "transform-set" and "match address" which will match this second vpn access-list for interesting traffic.

johnnymac Fri, 02/02/2007 - 02:52


thanks for your response here is the "sh crypto isakmp sa"

Active SA: 2

Rekey SA: 0 (A tunnel will report 1 Active and 1 Rekey SA during rekey)

Total IKE SA: 2

1 IKE Peer: 213.xxx.xxx.xxx

Type : L2L Role : initiator

Rekey : no State : MM_ACTIVE

2 IKE Peer: 82.xxx.xxx.xxx

Type : user Role : responder

Rekey : no State : AM_ACTIVE


J mac


This Discussion