Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements
Step-by-Step Configuration and Troubleshooting Best Practices for the NGFW, NGIPS and AMP Technologies A Visual Guide to the Cisco Firepower Threat Defense (FTD)
Community Member

Two ASA IPVPN tunnel ikev1 and ikev2

Dear

I have using 2 ASA 5510 to make IPVPN tunnel.  From my experience.  I tried to used ONLY ikev1 are working fine. or I tried to used ONLY ikev2 are working fine for the tunnel connection.  So, any suggestion for me to keep using ikev1 or need to change to ikev2 instead?

Everyone's tags (3)
2 ACCEPTED SOLUTIONS

Accepted Solutions

Re:Two ASA IPVPN tunnel ikev1 and ikev2

Hello,

Not sure I understand your question.

Are u asking if u need to move to IKEV 2 or stay on 1???

If that s the question then are fine on v1. Of course as you are aware of there are several benefits over running Ikev2 but you could still run v1.


Sent from Cisco Technical Support Android App

Julio Carvajal
Senior Network Security and Core Specialist
CCIE #42930, 2xCCNP, JNCIP-SEC

Re:Two ASA IPVPN tunnel ikev1 and ikev2

Hello Alan,

Yes, you can still do it.

I mean I recommend to start using IKEv2 as you have multiple benefits but it's not a MUST to do it. It will not be a secuarity breach to still use Ikev1.

And for your other question, yes you can terminate both IKEv 1 and IKEv2.

Rate all of the helpful posts!!!

Regards,

Jcarvaja

Follow me on http://laguiadelnetworking.com

Julio Carvajal
Senior Network Security and Core Specialist
CCIE #42930, 2xCCNP, JNCIP-SEC
5 REPLIES

Re:Two ASA IPVPN tunnel ikev1 and ikev2

Hello,

Not sure I understand your question.

Are u asking if u need to move to IKEV 2 or stay on 1???

If that s the question then are fine on v1. Of course as you are aware of there are several benefits over running Ikev2 but you could still run v1.


Sent from Cisco Technical Support Android App

Julio Carvajal
Senior Network Security and Core Specialist
CCIE #42930, 2xCCNP, JNCIP-SEC
Community Member

Two ASA IPVPN tunnel ikev1 and ikev2

Hi, I can make connection for both either ikev1 or ikev2.  I am not sure is that any security reason need to change to ikev2.  Thank you for your answer.  I will keep in ikev1 as you said it is fine on v1.  thank you very much.

Re:Two ASA IPVPN tunnel ikev1 and ikev2

Hello Alan,

Yes, you can still do it.

I mean I recommend to start using IKEv2 as you have multiple benefits but it's not a MUST to do it. It will not be a secuarity breach to still use Ikev1.

And for your other question, yes you can terminate both IKEv 1 and IKEv2.

Rate all of the helpful posts!!!

Regards,

Jcarvaja

Follow me on http://laguiadelnetworking.com

Julio Carvajal
Senior Network Security and Core Specialist
CCIE #42930, 2xCCNP, JNCIP-SEC
Community Member

Two ASA IPVPN tunnel ikev1 and ikev2

HI Jcarvaja

May I know the multiple benefits include any speed increase from opeartion prespective ?

Re:Two ASA IPVPN tunnel ikev1 and ikev2

Hello,

That's one of the most important actually.

I will provide you a great post about it  where Cisco talks about Why should we all migrate

http://www.cisco.com/en/US/products/ps6120/products_tech_note09186a0080bca116.shtml

Let me know if u have any other question bud

Rate all of the helpful posts!!!

Regards,

Jcarvaja

Follow me on http://laguiadelnetworking.com

Julio Carvajal
Senior Network Security and Core Specialist
CCIE #42930, 2xCCNP, JNCIP-SEC
196
Views
0
Helpful
5
Replies
CreatePlease to create content