About hongsang

hongsang · 03-18-2019

I have a site-to-site VPV using IKEv1. If I would disable aggressive mode on ASA. Shall I disable at remote device or local device first, then change on the other peer? Do the VPN connection drop when apple the change? Any thing I need to be aware be...

hongsang · 06-19-2018

My ASA firewall are running IKEV1 3DES-SHA . Can anyone guide me how to change to AES256-SHA?

hongsang · 03-20-2019

I checked it is MM_Active. It should be safe to disable Aggressive Mode.Thanks for your support.

hongsang · 03-18-2019

If one firewall configure disable aggressive mode but another end not disable, what will happen?

hongsang · 06-22-2018

I will login the remote site firewall from local site throught the VPN link. If I just change the crypto map, is there any risk my session will be terminated and cannot fallback?

hongsang · 06-19-2018

My current crypto map is set as crypto map myoutmap 1 ikev1 transform-set VPNESP-3DES-SHA Do I need to create other crypto map for AES?

hongsang · 06-19-2018

Thanks for your reply promptly. I will try it. Do I just run the "clear crypto..." commands on local site? If I encounter problem, shall I just disable the policy 5 and run clear crypto... commands again to fall back?

Member Since	‎06-19-2018 03:02 AM
Date Last Visited	‎03-24-2019 10:31 AM
Posts	8

User Statistics

User Activity

Disable Aggresive Mode

Site to Site IPsec VPN change from 3DES to AES-256 on ASA55xx

Re: Disable Aggresive Mode

Re: Disable Aggresive Mode

Re: Site to Site IPsec VPN change from 3DES to AES-256 on ASA55xx

Re: Site to Site IPsec VPN change from 3DES to AES-256 on ASA55xx

Re: Site to Site IPsec VPN change from 3DES to AES-256 on ASA55xx