Router SDM Default IKE proposals and transform sets

Unanswered Question
Jul 9th, 2008


ive been using the SDM to configure a VPN using the wizards in my ISCW training, and ive noticed the default IKE proposals and transform sets are configured with a priority of 1, and the cannot be edited. this means that if you setup a VPN using the SDM wizards on both ends of the connection, your vpn will form using only the pre-set IKE / transform parameters (in my case an IKE of 3des / sha, and ESP of 3des / SHA)

I relise that this can easily be changed in the CLI, but youd think the sdm should allow you to choose your preferred IKE and transform sets.

does anyone know how this can be done on SDM?


(ios ver 12.4-5a adv ip ser, SDM ver 2.3.2)

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
trippi Wed, 07/09/2008 - 20:08

I can edit mine in the SDM...

I'm using IOS 12.4(12c), SDM 2.5.

If you aren't comfortable with the CLI, you could use something like RouterTweak.

jonesandrew Wed, 07/09/2008 - 20:14

im fine with using the CLI, i just thought it was strange that i couldnt edit them.

its probably a sdm / ios version thing. ive used SDM 2.5, but the firewall configuration is different to that shown in the ISCW labs so i rolled back.


purohit_810 Wed, 07/09/2008 - 20:19

Change default IKE proposal priority then try to build new IKE proposals. After change transform it will allow you.



This Discussion