cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

Community Helping Community

4214
Views
5
Helpful
7
Replies

No crypto Isakmp enable

Hi,

Is it possible to disable the crypto isakmp default policy with the command "no crypto isakmp enable". Apparently the IOS does not support the command "no crypto isakmp default policy". I was thinking if this could be an alternative solution.

Thanks,

Neil

Everyone's tags (5)
7 REPLIES 7
Advisor

No crypto Isakmp enable

Hi,

if you do this then  here's what's gonna happen:

http://www.cisco.com/en/US/docs/ios/security/command/reference/sec_c4.html#wp1046383

Regards.

Alain

Don't forget to rate helpful posts.

Don't forget to rate helpful posts.

No crypto Isakmp enable

Hi Alain,

I have already seen the link, this where I based my question. If I disable the crypto isakmp enable, will this also disable the Default protection suite or the only way is to command "no crypto isakmp default policy"?

Regards,

Neil

Cisco Employee

No crypto Isakmp enable

Yes, you can disable the default isakmp policy on IOS, and it is only supported from version 12.4(20)T and higher.

Here is the command for your reference:

http://www.cisco.com/en/US/docs/ios-xml/ios/security/a1/sec-cr-c4.html#GUID-57679C7E-E20E-463A-9141-F5281A16A548

Advisor

No crypto Isakmp enable

Hi Jennifer,

cool info.

Regards.

Alain

Don't forget to rate helpful posts.

Don't forget to rate helpful posts.

No crypto Isakmp enable

Hi Jennifer,

Thanks for the reply. I know that is possible but we have a limitation on the IOS version. So that's why I was thinking of other ways to do it like disabling the isakmp itself. Besides "no crypto isakmp default policy" is there no other way possible? Do you guys know if "no crypto isakmp enable" also disables the isakmp default policy?

Thanks,

Neil

Advisor

No crypto Isakmp enable

Hi,

why don't you just do it then do a sh crypto isa policy ?

My feeling is that it won't but i've never tried it before.

Regards.

Alain

Don't forget to rate helpful posts.

Don't forget to rate helpful posts.
Cisco Employee

No crypto Isakmp enable

That would disable the capabilities of terminating the IPSec Tunnel using IKE. Do you still use the router to terminate IPSec VPN, or you just want to disable IPSec VPN all together?

By the way, what version is your IOS?

CreatePlease to create content
Content for Community-Ad
FusionCharts will render here