04-25-2014 06:40 AM - edited 03-11-2019 09:07 PM
Hi..
I have cisco ASA version 8.4,i am settingup a L2L IPSec tunnel with our client. Client too has ASA. I have disable AM mode on my end ASA.
Does AM need to be disable on client end ASA to get the negotiation happen b/w ASAs and tunnel up and working.
Pls help.
04-25-2014 10:32 PM
Hello,
I would say No just make sure the client is using Main mode to connect :)
Regards
04-25-2014 11:46 PM
Main mode is the default selection on Cisco ASA.
By default on Cisco ASA, IKE runs in aggressive mode for only remote-access VPNs using preshared-key authentication, and this is a requirement for the connection to be successful due to the identity-matching mechanism.
If no changes has been done on your client side then default selection for IKE negotiation will be Main mode.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide