Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Initiating aggressive mode with IPSec

Hi all

With pre-shared key, if I need to initiate an aggressive site to site IPSec connection, I configure the following:

crypto isakmp peer hostname ciscoasa

set aggressive client-endpoint fqdn ciscoasa

set aggressive password cisco

But if I am going to use certificates with the following configuration, the tunnel doesn't comes up:

crypto isakmp peer hostname ciscoasa

set aggressive client-endpoint fqdn ciscoasa

Please let me know the necessary commands to initiate an IPSec site to site connection with digital certificates.

1 REPLY
Cisco Employee

Re: Initiating aggressive mode with IPSec

Hi,

You may check this:

ASA/PIX 8.x: Site-to-Site IPSec VPN Authentication Using Digital Certificates with Microsoft CA Configuration Example

https://www.cisco.com/en/US/products/ps6120/products_configuration_example09186a0080aa5be1.shtml

HTH

JK

Plz rate helpful posts-

~BR Jatin Katyal **Do rate helpful posts**
365
Views
0
Helpful
1
Replies