
SSH 3DES

normanzhang
Level 1

How do I change PIX to use 3DES instead of DES for SSH?

10 Replies

rsmith
Level 3

The PIX documentation (version 6.3 and version 7.0) does not show an option for specifying DES or 3DES connectivity. I believe that this can only be controlled from the client software.

Does the option come with a licensed PIX?

Firstly, do a "show version" to verify whether your PIX has 3DES enabled.

If so, then try regenerating the RSA key:

ca zeroize rsa

ca generate rsa key

ca save all

jmia
Level 7

Norman,

If I'm understanding your question correctly, you are asking for 3DES key for your PIX - correct? Does your PIX show only DES enabled if you issue sho ver on your PIX?

If the above is correct, you can obtain a 3DES/AES licence key from Cisco FREE of charge; go here and follow the instructions:

https://tools.cisco.com/SWIFT/Licensing/jsp/formGenerator/Pix3DesMsgDisplay.jsp

You'll need to log in, which you can do with your netpro username and password, and follow the instructions.

Hope this helps, and if it does, please rate the post.

Thanks -

Jay

Dear all,

Following this conversation, maybe you all can help me with the activation key. Since I copy-pasted the activation key from email to the PIX and then reloaded it, the flash is hanging like this:

Panic: - map_p2l_4k(400000, 400000) already mapped to ffffffff

Has anyone experienced this problem?

regards,

dendi--

My PIX currently doesn't have 3DES enabled. I'll test your suggestion and report back. Thanks.

VPN-DES: Enabled

VPN-3DES-AES: Disabled

I now have a new key from Cisco.

_New_

Maximum Interfaces: 6

Failover: Enabled

VPN-DES: Enabled

VPN-Triple DES: Enabled

Failover mode only license : No

Cut-through Proxy: Enabled

Guards: Enabled

Websense: Enabled

This is slightly different from the old.

Failover: Enabled

VPN-DES: Enabled

VPN-3DES-AES: Disabled

Maximum Physical Interfaces: 6

Maximum Interfaces: 10

Cut-through Proxy: Enabled

Guards: Enabled

URL-filtering: Enabled

Inside Hosts: Unlimited

Throughput: Unlimited

IKE peers: Unlimited

I guess Websense replaced URL-filtering? How about the Unlimited options? Do I need to worry about them?

They are the same.

What is the same, the login? No, I don't think so. You will have a different secure login. Try opening two SSH sessions, one using ssh id@host_ip and the other using the old way. Please also take a look at the PIX for the SSH session.

regards

dendi

Thanks Jay.

For some reason your link didn't work, or it may have expired. However, it gave us the clue.

For others with a similar issue, also check this link.

http://www.gomjabbar.com/2011/07/17/recovering-a-license-activation-key-for-the-cisco-asa/#sthash.rnrQkoCo.dpbs

 

MK