ios vpn aggressive mode with hostname

Unanswered Question
Jun 22nd, 2009


When I entered the command below on the router:

crypto isakmp peer hostname

The router automatically changes the command to:

crypto isakmp peer address

Is it possible to keep the hostname in the configure?



I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading. Wed, 07/01/2009 - 15:21

Thanks. I got the same conclusion too. The problem is that you can only use IP address for the "crypto isakmp peer" command. Even though it has the hostname option, the router will automatically convert it to IP address. This defeats the main purpose which is to setup LAN-2-LAN VPN without reference to IP address.

In summary, at this point of time, I don't think it is possible to use hostname for LAN-2-LAN VPN on Cisco router/ASA alone, if preshared key authentication is used.

The alternation option is to use certificate for authentication, or use third party router as the aggressive mode initiator.




This Discussion