Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2165
Views
0
Helpful
3
Replies

Crypto isakmp feature not available

cagzpo0013
Level 1
Level 1

‎12-05-2014 10:06 PM - edited ‎03-05-2019 12:18 AM

Good evening,

I have a question in regards to enabling Crypto isakmp features on a couple of Cisco3925 routers.

I have attached the sh versions from both routers so that you can see the model and software versions of the routers.

I am trying to enable Crypto isakmp for crypto map creation for a VPN tunnel between the routers and a remote site.

The current version of software doesn’t seem to have the crypto isakmp feature. Can you tell me which software version I need to upgrade to that would provide crypto isakmp features as well as the features that exist on the current version of software?

Switch 1

Cisco IOS Software, C3900e Software (C3900e-UNIVERSALK9-M), Version 15.1(4)M4, RELEASE SOFTWARE (fc1)
ROM: System Bootstrap, Version 15.1(1r)T4, RELEASE SOFTWARE (fc1)

System image file is "flash0:c3900e-universalk9-mz.SPA.151-4.M4.bin"
Cisco CISCO3925-CHASSIS (revision 1.0) with C3900-SPE200/K9 with 1015808K bytes of memory.
Technology Package License Information for Module:'c3900e'

-----------------------------------------------------------------
Technology    Technology-package           Technology-package
              Current       Type           Next reboot
------------------------------------------------------------------
ipbase        ipbasek9      Permanent      ipbasek9
security      None          None           None
uc            uck9          Permanent      uck9
data          None          None           None

 

Switch 2

Cisco IOS Software, C3900e Software (C3900e-UNIVERSALK9-M), Version 15.1(4)M2, RELEASE SOFTWARE (fc1)
ROM: System Bootstrap, Version 15.1(1r)T4, RELEASE SOFTWARE (fc1)

System image file is "flash0:c3900e-universalk9-mz.SPA.151-4.M2.bin"
Cisco CISCO3925-CHASSIS (revision 1.0) with C3900-SPE200/K9 with 1015808K bytes of memory.
Technology Package License Information for Module:'c3900e'

-----------------------------------------------------------------
Technology    Technology-package           Technology-package
              Current       Type           Next reboot
------------------------------------------------------------------
ipbase        ipbasek9      Permanent      ipbasek9
security      None          None           None
uc            uck9          Permanent      uck9
data          None          None           None

 

thank you for your help!

Labels:
0 Helpful
3 Replies 3

Leo Laohoo
Hall of Fame
Hall of Fame

‎12-05-2014 10:13 PM

The appliance that "doesn't" support crypto isakmp is running an M4 firmware while the one that works is running an older M2 firmware.   Both routers are running "k9" feature.  

 

This leads me to believe it could be an IOS bug.   

 

You could try by swapping the CF of the 1st router with the 2nd one and see if your still have the function.  If you loose crypto isakmp functionality, then it's certain there's an IOS bug with the M4.

0 Helpful

Karsten Iwen
VIP
VIP

‎12-06-2014 03:31 AM

Both, routers don't have the Security-License. So it shouldn't be possible to use them on both devices. 

0 Helpful

Richard Burts
Hall of Fame
Hall of Fame
In response to Karsten Iwen

‎12-06-2014 05:59 PM

Karsten got it right. The issue is not the version of IOS (the versions shown in both show versions would have that feature in the code) but the issue is the licensing on the routers. Without the Security license you do not have support for Crypto ISAKMP and with the Security license you would have the feature.

 

The k9 in the version indicates support for encryption for things like SSH but is not enough to give you the Crypto ISAKMP support.

 

HTH

 

Rick

HTH

Rick
0 Helpful
Customers Also Viewed These Support Documents