07-03-2003 06:32 AM - edited 03-09-2019 03:54 AM
Is it possable to connect to another pix using aes-256 from behind another
pix. I have used the fixup protocol esp-ike and this works for des or 3des but
I am not able to connect when I change to aes-256 on the remote pix.
07-03-2003 07:57 AM
are you sure the remote pix supports aes? what pix os is it running?
07-03-2003 08:21 AM
Yes,
Here is my show version. This pix is also running a pix to pix site vpn using aes-256. I have placed a labtop outside of the firewall with a public IP and it
also hangs when a vpn client trys to connect on securing channel.
Cisco PIX Firewall Version 6.3(1)
Cisco PIX Device Manager Version 1.1(2)
Compiled on Wed 19-Mar-03 11:49 by morlee
hopper up 12 mins 42 secs
Hardware: PIX-515, 64 MB RAM, CPU Pentium 200 MHz
Flash i28F640J5 @ 0x300, 16MB
BIOS Flash AT29C257 @ 0xfffd8000, 32KB
0: ethernet0: address is 0050.54fe.ee01, irq 10
1: ethernet1: address is 0050.54fe.ee02, irq 7
2: ethernet2: address is 00d0.b708.c848, irq 11
3: ethernet3: address is 0002.b31b.e57a, irq 9
Licensed Features:
Failover: Enabled
VPN-DES: Enabled
VPN-3DES-AES: Enabled
Maximum Interfaces: 6
Cut-through Proxy: Enabled
Guards: Enabled
URL-filtering: Enabled
Inside Hosts: Unlimited
Throughput: Unlimited
IKE peers: Unlimited
This PIX has an Unrestricted (UR) license.
07-03-2003 11:10 AM
This was issue was caused because I forgot
the crypto map
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide