cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1140
Views
0
Helpful
5
Replies

Two ASA IPVPN tunnel ikev1 and ikev2

alan-wong
Level 1
Level 1

Dear

I have using 2 ASA 5510 to make IPVPN tunnel.  From my experience.  I tried to used ONLY ikev1 are working fine. or I tried to used ONLY ikev2 are working fine for the tunnel connection.  So, any suggestion for me to keep using ikev1 or need to change to ikev2 instead?

2 Accepted Solutions

Accepted Solutions

Julio Carvajal
VIP Alumni
VIP Alumni

Hello,

Not sure I understand your question.

Are u asking if u need to move to IKEV 2 or stay on 1???

If that s the question then are fine on v1. Of course as you are aware of there are several benefits over running Ikev2 but you could still run v1.


Sent from Cisco Technical Support Android App

Julio Carvajal
Senior Network Security and Core Specialist
CCIE #42930, 2xCCNP, JNCIP-SEC

View solution in original post

Hello Alan,

Yes, you can still do it.

I mean I recommend to start using IKEv2 as you have multiple benefits but it's not a MUST to do it. It will not be a secuarity breach to still use Ikev1.

And for your other question, yes you can terminate both IKEv 1 and IKEv2.

Rate all of the helpful posts!!!

Regards,

Jcarvaja

Follow me on http://laguiadelnetworking.com

Julio Carvajal
Senior Network Security and Core Specialist
CCIE #42930, 2xCCNP, JNCIP-SEC

View solution in original post

5 Replies 5

Julio Carvajal
VIP Alumni
VIP Alumni

Hello,

Not sure I understand your question.

Are u asking if u need to move to IKEV 2 or stay on 1???

If that s the question then are fine on v1. Of course as you are aware of there are several benefits over running Ikev2 but you could still run v1.


Sent from Cisco Technical Support Android App

Julio Carvajal
Senior Network Security and Core Specialist
CCIE #42930, 2xCCNP, JNCIP-SEC

Hi, I can make connection for both either ikev1 or ikev2.  I am not sure is that any security reason need to change to ikev2.  Thank you for your answer.  I will keep in ikev1 as you said it is fine on v1.  thank you very much.

Hello Alan,

Yes, you can still do it.

I mean I recommend to start using IKEv2 as you have multiple benefits but it's not a MUST to do it. It will not be a secuarity breach to still use Ikev1.

And for your other question, yes you can terminate both IKEv 1 and IKEv2.

Rate all of the helpful posts!!!

Regards,

Jcarvaja

Follow me on http://laguiadelnetworking.com

Julio Carvajal
Senior Network Security and Core Specialist
CCIE #42930, 2xCCNP, JNCIP-SEC

HI Jcarvaja

May I know the multiple benefits include any speed increase from opeartion prespective ?

Hello,

That's one of the most important actually.

I will provide you a great post about it  where Cisco talks about Why should we all migrate

http://www.cisco.com/en/US/products/ps6120/products_tech_note09186a0080bca116.shtml

Let me know if u have any other question bud

Rate all of the helpful posts!!!

Regards,

Jcarvaja

Follow me on http://laguiadelnetworking.com

Julio Carvajal
Senior Network Security and Core Specialist
CCIE #42930, 2xCCNP, JNCIP-SEC
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: