03-12-2008 06:34 AM
Hi, I have a couple of remote clients using a Cisco VPN concentrator who connect to our VPNSM through an IPSEC encrypted tunnel. On my end, I configure my transform-set to MD5 but it seems that on the remote end they have to configure Phase 2 to SHA in order to get the tunnel to work. I would have assumed that the tunnel wouldn't have even come up if both ends didn't match for the encryption piece?? Anyone else have a similar situation and can explain to me why this would even work? thanks
03-18-2008 07:20 AM
Security parameters have to be same on both the ends. Only then the tunnel would come up. I still haven't seen a working configuration with mismatch in security parameters.
03-18-2008 07:24 AM
Thanks for the reply and that's what I thought too. Doesn't make any sense to me.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: