Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Community Member

DES Ciphers - Switch to 3DES

Hello,

We are running cisco 515 version 6.3 & I believe on the other end they are running an ASA. We would like to change out DES Cipher to 3DES. Now we have multiple tunnels terminating at our Pix 515, but we will only be changing the Cipher for one of the tunnels. None of our tunnels are running 3 DES :-(.

We have:

crypto ipsec transform-set ipsec-p2 esp-3des esp-sha-hmac

and I would add:

crypto ipsec transform-set vpn-strong2 esp-3des esp-md5-hmac

and this is the tunnel config and I would change vpn-strong to

vpn-strong2

crypto map ******** 97 ipsec-isakmp

crypto map ******** 97 match address * * * * *

crypto map ******** 97 set peer nyc-peer-01

crypto map ******** 97 set transform-set vpn-strong2

Am I correct? Me changing the transform-set should not affect our other tunnels?

1 REPLY

Re: DES Ciphers - Switch to 3DES

You are correct, this should not affect other tunnels, this of course once it is applied, however to apply this change it is safe to go ahead and shutdown your tunnel while making this change.

118
Views
0
Helpful
1
Replies
CreatePlease to create content