Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
199
Views
0
Helpful
2
Replies

IPsec L2L tunnel

Anukalp S
Level 1
Level 1

‎04-25-2014 06:40 AM - edited ‎03-11-2019 09:07 PM

 

 Hi..

 I have cisco ASA version 8.4,i am settingup a L2L IPSec tunnel with our client. Client too has ASA. I have disable AM mode on my end ASA.

Does AM need to be disable on client end ASA to  get the negotiation happen b/w ASAs and tunnel up and working.

Pls help.

 

Labels:
0 Helpful
2 Replies 2

Julio Carvajal
VIP Alumni
VIP Alumni

‎04-25-2014 10:32 PM

Hello,

 

I would say No just make sure the client is using Main mode to connect :)

 

Regards

Julio Carvajal
Senior Network Security and Core Specialist
CCIE #42930, 2xCCNP, JNCIP-SEC
0 Helpful

Poonam Garg
Level 3
Level 3
In response to Julio Carvajal

‎04-25-2014 11:46 PM

Main mode is the default selection on Cisco ASA.

By default on Cisco ASA, IKE runs in aggressive mode for only remote-access VPNs using preshared-key authentication, and this is a requirement for the connection to be successful due to the identity-matching mechanism.

If no changes has been done on your client side then default selection for IKE negotiation will be Main mode.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card