Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

How does the "ISAKMP POLICY" work in a PIX client VPN configuration

I have a configuration question in regards to "isakmp policy" configuration.

I am looking through the sample configurations on CCO, and seeing that many of the configurations have multiple policies for users with client 3.0, 1.0, and PIX to PIX scenerios.

My question is, how do you map the appropriate policy to the appropriate VPNGROUP? For example, let's say I have a set of users running client version 1.0. I will be having them use VPN group VER1. With the VPN group, i would like to map the appropriate policy to set the hash, encryption, etc. How do I ensure they are mapped to the corrent isakmp policy?

To put it simply, I don't know how the "isakmp policy" works. I know that there are priorities, but I am not sure when the priorities are "compared" for matches. I am looking for a document that could explain this, or just an explanation from a tech would be great.

Thanks in advance.


Re: How does the "ISAKMP POLICY" work in a PIX client VPN config

The following link should be what you are looking for.

CreatePlease login to create content