VPN Client and IKE main mode negotiation

Unanswered Question
Aug 25th, 2005

Is it possible to configure the Cisco VPN client to use IKE Main Mode negotiation with pre-shared keys? And with digital certificates? If yes, how could I do it?

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Average Rating: 0 (0 ratings)
jackko Thu, 08/25/2005 - 22:40

just wondering the reason to insist the use main mode. both main and aggresive modes achieve the same result, except less steps involved with aggresive.

jsol Thu, 08/25/2005 - 23:39

When a VPN is configured to use pre-shared keys and permits the VPN client to negotiate the session in aggressive mode, it sends a hash of this key in clear text, so...

The solution for this should be to deactivate the option which permits the VPN client to use aggressive mode.

This is why I'd like to know if I can force the VPN client to negotiate only in main mode.

Actions

Login or Register to take actions

This Discussion

Posted August 25, 2005 at 2:12 AM
By jsol
Stats:
Replies:2 Avg. Rating:
Views:384 Votes:0
Shares:0
Tags: No tags.
 

Discussions Leaderboard