Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
625
Views
0
Helpful
2
Replies

VPN Client and IKE main mode negotiation

jsol
Level 1
Level 1

‎08-25-2005 02:12 AM - edited ‎02-21-2020 01:55 PM

Is it possible to configure the Cisco VPN client to use IKE Main Mode negotiation with pre-shared keys? And with digital certificates? If yes, how could I do it?

Labels:
0 Helpful
2 Replies 2

jackko
Level 7
Level 7

‎08-25-2005 10:40 PM

just wondering the reason to insist the use main mode. both main and aggresive modes achieve the same result, except less steps involved with aggresive.

0 Helpful

jsol
Level 1
Level 1
In response to jackko

‎08-25-2005 11:39 PM

When a VPN is configured to use pre-shared keys and permits the VPN client to negotiate the session in aggressive mode, it sends a hash of this key in clear text, so...

The solution for this should be to deactivate the option which permits the VPN client to use aggressive mode.

This is why I'd like to know if I can force the VPN client to negotiate only in main mode.

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents