cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
678
Views
0
Helpful
5
Replies

Removing lines from PIX 515 config

Paul.Lane
Level 1
Level 1

I'm trying to cleanup the config on a PIX 515. I am trying to remove the following lines:

crypto map dyn-map 20 ipsec-isakmp dynamic cisco

isakmp identity hostname

isakmp policy 1 authentication rsa-sig

isakmp policy 1 encryption des

isakmp policy 1 hash sha

isakmp policy 1 group 1

isakmp policy 1 lifetime 86400

vpngroup unityclient idle-time 1800

I do a "no the line to remove" and a wr me.

When I check out the config file they are back. How do I get rid of the lines?

Also, would this be the reason that some users are not able to use VNC after they VPN into the network.

Thanks

5 Replies 5

mostiguy
Level 6
Level 6

Those lines are all part of a vpn configuration. Are you sure that they are not required by your configuration?

This most likely does not have anything to do with user's ability to use VNC through a VPN connection. Do they have trouble with any other protocols? Can they ping the machines they wish to VNC to through the vpn?

Matt

those are all the "default" parameters in the IKE phase 1 from a pix perspective. just like many times in other cisco gear, i don't believe...i could be wrong, that you can get rid of these.

actually, i just proved myself wrong. do a : no isakmp policy 1

and see if that works. that should take it away.

Thanks

tvanginneken
Level 4
Level 4

Hi,

no isakmp policy 1

should remove the lines.

Kind Regards,

Tom

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: