Hi, I am using the Cisco Concentrator 3015 and the latest Cisco VPN client. I have got users connected using CiscoVPNClient-AES256-SHA instead of CiscoVPNClient-3DES-MD5 for the IKE proposal. (which I think is the phase 1).
Both use Diffie Hellman Group 2, but I want to use Diffie Hellman Group 5 with AES-256 which I am told is the right one.
The thing is if I set it to Diffie Hellman Group 5 (in CiscoVPNClient-AES256-SHA) then this is ignored and users connect using IKE CiscoVPNClient-3DES-MD5 instead.
Can the Cisco VPN client to handle DH Group 5?