Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Community Member

Does ASA5510 use Aggressive Mode when setting up VPN tunnels?

Does ASA5510 use Aggressive Mode when setting up VPN tunnels?

Any link where I can get more information on this?

Also, is there any configuration on the ASA that can be done to mitigate the vulnerability mentioned in the link below?

http://www.cisco.com/warp/public/707/cisco-sr-20060726-ike.shtml

Best regards.

2 REPLIES
Silver

Re: Does ASA5510 use Aggressive Mode when setting up VPN tunnels

The link is only related to ASA running version 7.2. Right now the newest version is 8.04 which is not listed under this vulnerability. The default mode is aggressive mode but you can use main mode by disabling the aggressive mode using the command "isakmp am-disable" under the tunnel group.

Hope this helps,

Community Member

Re: Does ASA5510 use Aggressive Mode when setting up VPN tunnels

Thank you very much for your response. This is very helpful.

Could you please provide me with a link that states that 8.04 has solved this vulnerability?

My ASA is running OS 8.0(3) but the company that did a Penetration Test on my ASA said my ASA 5510 is affected by this vulnerability.

Cheers.

962
Views
0
Helpful
2
Replies
CreatePlease to create content