Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
983
Views
0
Helpful
1
Replies

IPSEC

Go to solution
christo.pretorius
Level 1
Level 1

‎10-22-2020 12:00 AM

Good morning

 

I tried to install IPSEC on the above mentioned router, but the router does not accept the commands (I REMOVED MY NAMES AND IP ADDRESS):

crypto isakmp policy 1

hash md5

authentication pre-share

crypto isakmp key XXXXXXXX address X.X.X.X

!

!

crypto ipsec transform-set TR esp-des esp-sha-hmac

!

crypto map XXXXXXCRYPTOMAP 10 ipsec-isakmp

set peer X.X.X.X

set security-association lifetime seconds 15360

set transform-set TR

match address 190

 

Do I need separate licensing for this router to be able to run ipsec?

 

See router info:

SDPAMAD1#sh ver

Cisco IOS XE Software, Version 16.09.02

Cisco IOS Software [Fuji], ISR Software (ARMV8EB_LINUX_IOSD-UNIVERSALK9_IAS_NPE-M), Version 16.9.2, RELEASE SOFTWARE (fc4)

 

System image file is "bootflash:c1100-universalk9_ias_npe.16.09.02.SPA.bin"

 

Suite License Information for Module:'esg'

 

--------------------------------------------------------------------------------

Suite                 Suite Current         Type           Suite Next reboot

--------------------------------------------------------------------------------

FoundationSuiteK9_npe None                  None           None

securityk9_npe

appxk9

 

SDPAMAD1#sh license udi

SlotID   PID                    SN                      UDI

--------------------------------------------------------------------------------

*        C1111-8P              FGL2412LQMX     C1111-8P:FGL2412LQMX

 

SDPAMAD1#show license feature

Feature name             Enforcement  Evaluation  Subscription   Enabled  RightToUse

appxk9                   yes          yes         no             no       yes

securityk9_npe           yes          yes         no             no       yes

ipbasek9                 no           no          no             yes      no

FoundationSuiteK9_npe    yes          yes         no             no       yes

throughput               yes          yes         no             no       yes

internal_service         yes          no          no             no       no

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Marius Gunnerud
VIP
VIP

‎10-22-2020 04:48 AM

You need to purchase a security license for your router or enable the trial license.  As of right now you only have ipbasek9 license enabled.

securityk9_npe           yes          yes         no             no       yes

 

--
Please remember to select a correct answer and rate helpful posts

View solution in original post

0 Helpful
1 Reply 1

Go to solution
Marius Gunnerud
VIP
VIP

‎10-22-2020 04:48 AM

You need to purchase a security license for your router or enable the trial license.  As of right now you only have ipbasek9 license enabled.

securityk9_npe           yes          yes         no             no       yes

 

--
Please remember to select a correct answer and rate helpful posts
0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card