Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1182
Views
0
Helpful
2
Replies

Does ASA5510 use Aggressive Mode when setting up VPN tunnels?

a.ajiboye
Level 1
Level 1

‎09-22-2008 08:36 AM

Does ASA5510 use Aggressive Mode when setting up VPN tunnels?

Any link where I can get more information on this?

Also, is there any configuration on the ASA that can be done to mitigate the vulnerability mentioned in the link below?

http://www.cisco.com/warp/public/707/cisco-sr-20060726-ike.shtml

Best regards.

Labels:
0 Helpful
2 Replies 2

m-haddad
Level 5
Level 5

‎09-22-2008 02:39 PM

The link is only related to ASA running version 7.2. Right now the newest version is 8.04 which is not listed under this vulnerability. The default mode is aggressive mode but you can use main mode by disabling the aggressive mode using the command "isakmp am-disable" under the tunnel group.

Hope this helps,

0 Helpful

a.ajiboye
Level 1
Level 1
In response to m-haddad

‎09-25-2008 01:07 AM

Thank you very much for your response. This is very helpful.

Could you please provide me with a link that states that 8.04 has solved this vulnerability?

My ASA is running OS 8.0(3) but the company that did a Penetration Test on my ASA said my ASA 5510 is affected by this vulnerability.

Cheers.

0 Helpful
Customers Also Viewed These Support Documents