Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Community Member

IKE aggressive mode on PIX 501

Due to PCIDSS requirements I need to have IKE aggressive mode disabled on all the devices that terminate VPN Tunnels. Unfortunately I have several PIX 501s out there that don't have the capability to disable IKE Aggressive mode. Would it work to create access lists that only allow port 500/udp and protocol 50 from my VPN Concentrator's IP and deny all other traffic, effectively making IKE aggressive mode a non issue?

366
Views
0
Helpful
0
Replies
CreatePlease to create content