Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
12881
Views
3
Helpful
18
Replies

Internet Key Exchange (IKE) Aggressive Mode

Suresh Babu
Level 1
Level 1

‎01-17-2013 10:40 PM - edited ‎03-04-2019 06:45 PM

HI All,

Need the clarity on IKE version 1 with aggressive mode, I assume this is used for remote site VPN and not for site to site VPN.

Correct me I am wrong and also share the inputs on this.

Also required the inputs for disabling in Cisco 3800 series router.

Thanks in advance

Regards

Suresh

           

Labels:
0 Helpful
18 Replies 18

Suresh Babu
Level 1
Level 1
In response to Rudy Sanjoko

‎01-21-2013 05:50 AM

HI Rudy,

Just for clarification, I am referring to IKEv1 not IKE phase 1.

But your explanation seems to be for IKE phase1, Please confirm.

0 Helpful

Rudy Sanjoko
Level 4
Level 4
In response to Suresh Babu

‎01-21-2013 06:11 AM

yes, that is correct, it is IKE phase 1 for IKEv1, if it's IKEv2 you will need to configure the encryption, hash, DH group on IKEv2 proposal, it will look like below:

crypto ikev2 proposal name

   encryption {3des} {aes-cbc-128} {aes-cbc-192} {aes-cbc-256}

   integrity {sha1} {sha256} {sha384} {sha512} {md5}

   group {1} {2} {5} {14} {15} {16} {19} {20} {24}

   end

0 Helpful

Suresh Babu
Level 1
Level 1
In response to Rudy Sanjoko

‎01-21-2013 06:48 AM

Hi Rudy,

Is this IKEv1 is used for site to site or remote site VPN ?

0 Helpful

Rudy Sanjoko
Level 4
Level 4
In response to Suresh Babu

‎01-21-2013 07:36 AM

It can be used for S2S and also for  remote site VPN such as DMVPN, EZVPN.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card