Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

ISAKMP Policy - Group2

Hi

On  a Hub Router can we run two different crypto policy

crypto isakmp policy 1

encr 3des

hash md5

authentication pre-share

crypto isakmp policy 2

encr 3des

hash md5

authentication pre-share

group 2

My 2nd question : Do we need to apply 'Group 2' command in crypto isakmp policy for Dynamic IPSEC VPN ( Hub and spoke both are IOS routers )

I am planning to move a site-2-site vpn from ASA to IOS router.

ASA--------------------------------Router-spokeX   (current working scenario )

ASA - static ip

Router - Dynamic IP

New Plan

Router-hub-----------------Router-spokeX

Router-hub  - static Ip

Router-spokeX - Dynamic IP

Router-Hub already got 3 IPSEC tunnel running where all got static ip

thanks

ST

2 REPLIES

ISAKMP Policy - Group2

you can run as many you want but between sites VPN tunnel will be formed based on common policy .Suppose you have 10 remote sites running with diffrent policies and 10 policies you will have to configure on HUB as well.

New Member

ISAKMP Policy - Group2

Then I guess I got configuration issue for Dynamic IPSEC VPN

538
Views
0
Helpful
2
Replies
CreatePlease to create content