Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

ISAKMP IPSec identity change

i have a Cisco 2651XM router and is connected behind an ADSL router.

ADSL router has a static public IP Address and my Cisco WAN has

I am trying to setup a VPN tunnel to another company however their internal policies will not allow them to use a private IP as the identity.

my identity currently comes up as

how can i change the isakmp identity to or to my public IP address?

i didnt want to set my adsl router into bridge mode and set my cisco wan with the public IP As i have other devices connected to this side of the cisco.

i use SDM mainly and then alter things i need to afterwards but am happy to change in ios.

i have seen the commands

crypto isakmp identity address

crypto isakmp identity hostname

but do not know how to set these?

Everyone's tags (3)
Cisco Employee

Re: ISAKMP IPSec identity change

think the reason they do not want to use private ip is for security purposes

i dont think there is anyway of changing the crpto identity address to a different ip

i see 2 ways out

  • make your headend accept hostname (but again i dont htink they would agree to that for security reasons)

  • use PKI or certificates (which i think they will be ok with because this is the most secure way)

else convince your managment to accept private ip as identity

New Member

Re: ISAKMP IPSec identity change

hi Jathaval

thanks for your quick response.

my head end do say that they will accept host name, how do i go about implementing that using

many thanks

Cisco Employee

Re: ISAKMP IPSec identity change

change your hostname to


then enter the command

crypto isakmp identity hostname