Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

Pass through aes-256

Is it possable to connect to another pix using aes-256 from behind another

pix. I have used the fixup protocol esp-ike and this works for des or 3des but

I am not able to connect when I change to aes-256 on the remote pix.


Re: Pass through aes-256

are you sure the remote pix supports aes? what pix os is it running?

New Member

Re: Pass through aes-256


Here is my show version. This pix is also running a pix to pix site vpn using aes-256. I have placed a labtop outside of the firewall with a public IP and it

also hangs when a vpn client trys to connect on securing channel.

Cisco PIX Firewall Version 6.3(1)

Cisco PIX Device Manager Version 1.1(2)

Compiled on Wed 19-Mar-03 11:49 by morlee

hopper up 12 mins 42 secs

Hardware: PIX-515, 64 MB RAM, CPU Pentium 200 MHz

Flash i28F640J5 @ 0x300, 16MB

BIOS Flash AT29C257 @ 0xfffd8000, 32KB

0: ethernet0: address is 0050.54fe.ee01, irq 10

1: ethernet1: address is 0050.54fe.ee02, irq 7

2: ethernet2: address is 00d0.b708.c848, irq 11

3: ethernet3: address is 0002.b31b.e57a, irq 9

Licensed Features:

Failover: Enabled

VPN-DES: Enabled

VPN-3DES-AES: Enabled

Maximum Interfaces: 6

Cut-through Proxy: Enabled

Guards: Enabled

URL-filtering: Enabled

Inside Hosts: Unlimited

Throughput: Unlimited

IKE peers: Unlimited

This PIX has an Unrestricted (UR) license.

New Member

Re: Pass through aes-256

This was issue was caused because I forgot

the crypto map interface outside command.