Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
371
Views
0
Helpful
3
Replies

Router SDM Default IKE proposals and transform sets

jonesandrew
Level 1
Level 1

‎07-09-2008 04:31 PM

hi,

ive been using the SDM to configure a VPN using the wizards in my ISCW training, and ive noticed the default IKE proposals and transform sets are configured with a priority of 1, and the cannot be edited. this means that if you setup a VPN using the SDM wizards on both ends of the connection, your vpn will form using only the pre-set IKE / transform parameters (in my case an IKE of 3des / sha, and ESP of 3des / SHA)

I relise that this can easily be changed in the CLI, but youd think the sdm should allow you to choose your preferred IKE and transform sets.

does anyone know how this can be done on SDM?

Cheers,

(ios ver 12.4-5a adv ip ser, SDM ver 2.3.2)

Labels:
0 Helpful
3 Replies 3

trippi
Level 1
Level 1

‎07-09-2008 08:08 PM

I can edit mine in the SDM...

I'm using IOS 12.4(12c), SDM 2.5.

If you aren't comfortable with the CLI, you could use something like RouterTweak.

0 Helpful

jonesandrew
Level 1
Level 1
In response to trippi

‎07-09-2008 08:14 PM

im fine with using the CLI, i just thought it was strange that i couldnt edit them.

its probably a sdm / ios version thing. ive used SDM 2.5, but the firewall configuration is different to that shown in the ISCW labs so i rolled back.

thanks.

0 Helpful

purohit_810
Level 5
Level 5

‎07-09-2008 08:19 PM

Change default IKE proposal priority then try to build new IKE proposals. After change transform it will allow you.

Dharmesh

0 Helpful
Customers Also Viewed These Support Documents