Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
573
Views
0
Helpful
1
Replies

PIX and FQDN as isakmp identity

reinke
Level 1
Level 1

‎04-01-2004 11:34 AM - edited ‎02-20-2020 11:19 PM

My pix should set up a vpn tunnel to a third-party gateway using pre-shared keys. IKE phase 1 fails, because the other side delivers its FQDN as isakmp identity. Therefore, the pix cannot find the required pre-shared key.

How do I have to configure my pix to be able to select pre-shared key for remote peer, when remote peer delivers fqdn as isakmp identity?

Thanks in advance

Edgar

0 Helpful
1 Reply 1

drolemc
Level 6
Level 6

‎04-07-2004 07:13 AM

There are a couple of command that you will have to use.

-Use the "isakmp identity hostname" command in place of "isakmp identity address",

-Use "crypto map set peer " instead of "crypto map set peer "

Yuo might optionally have to use the command 'isakmp peer fqdn hostname no-xauth no-config-mode'. More information about this command is available at

http://www.cisco.com/en/US/products/sw/secursw/ps2120/products_command_reference_chapter09186a008010578b.html

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card