cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
2225
Views
0
Helpful
1
Replies

des and 3des on same pix

careyg
Level 1
Level 1

I was wondering how I could create two vpn's from one pix to two others, one using des and the second using 3des. I have created multiple vpn's both using des so I know about the access-list for nat, the two isakmp keys and such. the thing I am not sure about is how to configure the isakmp policies...

Thanks

1 Reply 1

thegreenwood
Level 1
Level 1

You need to add a few thing to get both working.

1) you will need a two policy statements

onefor des and 3des

isakmp policy 10 encryption des

isakmp policy 20 encryption 3des

2) You will need two ipsec transform-sets on for des and one for 3des

crypto ipsec transform-set 1 esp-des esp-md5-hmac

crypto ipsec transform-set 2 esp-3des esp-md5-hmac

3) Then on your crypto-map idenify which transform-set to use 1 or 2 -

crypto map vpn 10 set transform-set 1 (des site)

crypto map vpn 20 set transform-set 2 (3des site)

That should be all you need

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: