VPN Client and IKE main mode negotiation

Unanswered Question
Aug 25th, 2005

Is it possible to configure the Cisco VPN client to use IKE Main Mode negotiation with pre-shared keys? And with digital certificates? If yes, how could I do it?

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
jackko Thu, 08/25/2005 - 22:40

just wondering the reason to insist the use main mode. both main and aggresive modes achieve the same result, except less steps involved with aggresive.

jsol Thu, 08/25/2005 - 23:39

When a VPN is configured to use pre-shared keys and permits the VPN client to negotiate the session in aggressive mode, it sends a hash of this key in clear text, so...

The solution for this should be to deactivate the option which permits the VPN client to use aggressive mode.

This is why I'd like to know if I can force the VPN client to negotiate only in main mode.

Actions

Login or Register to take actions

This Discussion

Posted August 25, 2005 at 2:12 AM
By jsol
Stats:
Replies:2 Overall Rating:
Views:409 Votes:0
Shares:0
Tags: No tags.
 

Discussions Leaderboard

Rank Username Points
1
tsteger1
916
2
acomiskey
894
3
Patrick Iseli
850
4
jmia@ohgroup.co.uk
808
5
jackko
787
Rank Username Points
Collin Clark
12
Karsten Iwen
10
Neno Spasov
10
Marvin Rhoads
9
Scott Olsen
5