IKE aggressive mode on PIX 501

Unanswered Question
Oct 8th, 2008

Due to PCIDSS requirements I need to have IKE aggressive mode disabled on all the devices that terminate VPN Tunnels. Unfortunately I have several PIX 501s out there that don't have the capability to disable IKE Aggressive mode. Would it work to create access lists that only allow port 500/udp and protocol 50 from my VPN Concentrator's IP and deny all other traffic, effectively making IKE aggressive mode a non issue?

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)


This Discussion