Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

Changing crypto isakmp identity on live network with active VPN's

We currently have several VPN's configured, site to site and remote access, on one of our firewalls.  All of the VPN's use pre-share key and ISAKMP is configured to use IP Address's for identifcation.  I need to setup a new VPN remote access group that will use certificates instead of a pre-sahred key.  In order to do this I will need to change the command crypto isakmp identity address to crypto isakmp identity auto.  The question comes up, since this is a system wide change, what affect (if any) it will have on existing tunnels?

Everyone's tags (2)