topic IPsec L2L tunnel in Network Security

IPsec L2L tunnel

Anukalp S — Tue, 12 Mar 2019 04:07:21 GMT

Hi..

I have cisco ASA version 8.4,i am settingup a L2L IPSec tunnel with our client. Client too has ASA. I have disable AM mode on my end ASA.

Does AM need to be disable on client end ASA to get the negotiation happen b/w ASAs and tunnel up and working.

Pls help.

Hello, I would say No just

Julio Carvajal — Sat, 26 Apr 2014 05:32:26 GMT

Hello,

I would say No just make sure the client is using Main mode to connect 🙂

Regards

Main mode is the default

Poonam Garg — Sat, 26 Apr 2014 06:46:35 GMT

Main mode is the default selection on Cisco ASA.

By default on Cisco ASA, IKE runs in aggressive mode for only remote-access VPNs using preshared-key authentication, and this is a requirement for the connection to be successful due to the identity-matching mechanism.

If no changes has been done on your client side then default selection for IKE negotiation will be Main mode.