Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Community Member

Problem with PIX (6.1) and VPN Client (3.5.1) with SmartCards

Hi,,,

I have a PIX 515 (6.1) and VPN Client (3.5.1).

The Pix only support DES.

When I used the VPN Client (3.5.1) with SmartCards (Aladdin) the

ISAKMP proposal is the 3DES CBC.

This proposal is the only supported by the VPN Client with SmartCard or I

need to change any in the Configuration to support DES proposals.

Any Idea ????

Thanks

1 REPLY
Silver

Re: Problem with PIX (6.1) and VPN Client (3.5.1) with SmartCard

Yes. I do believe that is possible. You could refer to the document 'Configuring IPSec Between PIX and Cisco VPN Client Using Smartcard Certificates'. The document is available at the URL http://www.cisco.com/en/US/customer/tech/tk648/tk367/technologies_configuration_example09186a0080094e69.shtml

I not sure I agree with you when you say that the PIX supports only DES. The PIX firewall support 3DES too. Infact it is recommended that you use 3DES since it is a much stronger encryption algorithm.

On a PIX, to choose 3DES for IKE, the command is 'isakmp policy encryption 3des.

To choose 3DES for IPSec, the command is "crypto ipsec transform-set esp-3des "

117
Views
0
Helpful
1
Replies
CreatePlease to create content