Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
546
Views
0
Helpful
2
Replies

515e VPN encrytion

johnnymac
Level 1
Level 1

‎02-01-2007 09:28 AM - edited ‎03-11-2019 02:27 AM

Hi,

I have two VPN's running which both use des-md5 encryption. I set up a new vpn which i want to use 3des-sha. After setting this up i noticed that when I connected to the new VPN I was only getting des-md5. Is there anyway i can specify this without affecting the other VPNs?

I have posted part of the config.

Regards

J Mac

Labels:
Preview file
4 KB
0 Helpful
2 Replies 2

zulqurnain
Level 3
Level 3

‎02-01-2007 10:14 AM

hello,

after looking at your config, can you tell me that when you are initiating the vpn tunnl to this second peer, where do you connect to. can you paste the output of

"sh crypto isakmp sa"

because i think your crypto map is only complete for one peer, your have multiple lines missing in your config, you have to define separatly the "set peer", "transform-set" and "match address" which will match this second vpn access-list for interesting traffic.

0 Helpful

johnnymac
Level 1
Level 1
In response to zulqurnain

‎02-02-2007 02:52 AM

Hi,

thanks for your response here is the "sh crypto isakmp sa"

Active SA: 2

Rekey SA: 0 (A tunnel will report 1 Active and 1 Rekey SA during rekey)

Total IKE SA: 2

1 IKE Peer: 213.xxx.xxx.xxx

Type : L2L Role : initiator

Rekey : no State : MM_ACTIVE

2 IKE Peer: 82.xxx.xxx.xxx

Type : user Role : responder

Rekey : no State : AM_ACTIVE

Thanks

J mac

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card