Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Community Member

isakmp initiation

When configuring isakmp on routers to set up a ipsec tunnel, which side will initiate the session for udp 500? Or both sides will attempt to initiate the session at the same time?

Thanks,

1 ACCEPTED SOLUTION

Accepted Solutions
Community Member

Re: isakmp initiation

Hi,

It could be either router that initiates the ISAKMP exchange. It will depend which router sees interesting traffic first. E.g. if you had LAN-A behind Router A, and LAN-B behind Router B and someone from LAN-A tried to ping a machine in LAN-B, Router A would initiate the ISAKMP exchange. Hope that answers your question

Thanks

2 REPLIES
Community Member

Re: isakmp initiation

Hi,

It could be either router that initiates the ISAKMP exchange. It will depend which router sees interesting traffic first. E.g. if you had LAN-A behind Router A, and LAN-B behind Router B and someone from LAN-A tried to ping a machine in LAN-B, Router A would initiate the ISAKMP exchange. Hope that answers your question

Thanks

Community Member

Re: isakmp initiation

Just to clarify on my post, that was under the assumption that we are talking about a LAN to LAN VPN connection as opposed to a Remote Access VPN using a client etc.

Thanks

251
Views
0
Helpful
2
Replies
CreatePlease to create content