Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

VPN Client and IKE main mode negotiation

Is it possible to configure the Cisco VPN client to use IKE Main Mode negotiation with pre-shared keys? And with digital certificates? If yes, how could I do it?

2 REPLIES
Gold

Re: VPN Client and IKE main mode negotiation

just wondering the reason to insist the use main mode. both main and aggresive modes achieve the same result, except less steps involved with aggresive.

New Member

Re: VPN Client and IKE main mode negotiation

When a VPN is configured to use pre-shared keys and permits the VPN client to negotiate the session in aggressive mode, it sends a hash of this key in clear text, so...

The solution for this should be to deactivate the option which permits the VPN client to use aggressive mode.

This is why I'd like to know if I can force the VPN client to negotiate only in main mode.

432
Views
0
Helpful
2
Replies