I have a PIX firewall with various VPNs.
One of these VPNs is configured without an ISAKMP policy, as such I assume it is using the Global Default Policy.
Secure Hash Standard
Diffie-Hellman group:#1 (768 bit)
But the VPN also has a transform set of esp-aes-256 esp-sha-hmac and i'm not sure how this affects the overall configuration?
In trying to configure a site to site VPN what settings would I need to give to the other end?
Also how does the transform set relate to the ISAKMP policy, what is the distinction between the two?
Basically this VPN drops regularly and I am trying to rule out config error and confirm what settings I have and/or should have.