Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Mode configuration, several requests from one peer


I have a question about mode configuration. If the same peer makes several config requests to a router (an 871 in my case) protected by one IKE SA, will it always get the same IP address from the responding router?

I would like to request more than one IP address for the peer using mode configuration requests - is this possible? I only want to request one IP address at a time but I would like to be assigned a new IP address for each request.

So far it seems that I get the same IP address in each config reply from the same peer (when sending requests belongning to the same IKE SA) but this could very well be because of some configuration error I have made so I would like to know whether it is possible to get different addresses.




Re: Mode configuration, several requests from one peer

I dont think it is possible to have different IP addresses allocated for different config requests belonging to same IKE SA by the same peer .

New Member

Re: Mode configuration, several requests from one peer

Thanks for your reply. I agree with you that it doesn't seem possible. Is it because it's the same IKE SA or because it's the same peer? I.e. if the same peer would set up several IKE SAs to the router (which I don't know if it's possible) could it be allocated several IP addresses?

Is this limitation part of some standard or is it just a limitation of the Cisco implementation?

According to the IETF drafts regarding mode config (draft-dukes-ike-mode-cfg-02 for example) it should be possible to request more than one IP address in the same config request. Is this supported by Cisco IOS?

Thanks again,