Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

IPSEC, Peer-To-Peer, Polcies.

Hi all,

From this following text,

"Peers need to negotiate a common ISAKMP policy in order to establish an IPsec peer relationship. So depending on the devices you expect to peer with, you may need multiple ISAKMP policies. Each ISAKMP policy is assigned a unique priority number between 1 and 10,000.

"

Question_1: Is it so that each policy would be towards one peer? Or what is the policy about?

Question_2: What is the role of the priority number?

Thanks a lot.

Kind regards.

2 REPLIES

Re: IPSEC, Peer-To-Peer, Polcies.

The ISAKMP policies are not specific to a peer. They are configured globally and identify what phase 1 attributes the security device supports. The priority number is used to uniquely identify each respective ISAKMP policy.

New Member

Re: IPSEC, Peer-To-Peer, Polcies.

Hello!

Thanks for that reply. Further question: On one gateway, only one ISAKMP policy is supported right? Or more? What is the relation between the ISAKMP policy, peer and the priority?

Sorry, but I am still a bit confused.

Thanks again.

Kind regards.

108
Views
0
Helpful
2
Replies