I just recently took over a network that is wireless between sites, 8 sites total. Before the previous admin left he told me WEP was not enabled on the local access points but Cisco Encryption on the routers was. My question is how can I confirm that Cisco Encryption is enabled and where can I get more information about this. My concern is when I do a "show run" it doesn't say anything about encryption anywhere except for the enabled password. I plan on getting WEP going ASAP but I need to know if this previous person was telling me the truth and whether or not to look into a more secure option.
When I run the first command "sow run | incl crypto" It just goes to the next line like I just hit the enter key nothing shows up. When I do the second command "show crypto isakmp sa" I get an error message "Invalid input detected at '^' marker" I've done it more then once and every time it points to the word "Crypto" I'm assuming this guy lied to me and I have no encryption on this network....any other ideas?? in the meantime I'll check out the link you provided me.... Thanks
Well the 3640 is not participating in any IPSec as it is not running an IPSec capable IOS. To run IPSec you need an IOS that has 56i in the name for DES such as c3640-is56i-mz.121-2.T.bin or k2 in the name such as c3640-ik2s-mz.121-2.T.bin for triple DES.
CET Which was Cisco's proprietary encryption technology is no longer supported and I'd recommend not using it as it is no longer secure. So even if he was referring to this (need to see the configuration on the router to see if this is setup) then I'd suggest upgrading to IPSec anyway.
Remember, If you do want to post or email your config then please make sure you strip out any passwords.
Login to the FXOS chassis manager.
Direct your browser to https://hostname/, and log-in using the user-name and password.
Go to Help > About and check the current version:
Check the current version availa...
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...