Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
864
Views
0
Helpful
1
Replies

Anyconnect and preshared keys

waltrich
Level 1
Level 1

‎03-10-2015 02:55 PM - edited ‎02-21-2020 08:07 PM

Is it possible to use the anyconnect client and still use preshared keys?  I'm trying to remediate a PCI issue that requires removing IKEv1, and preshared key, and disabling aggressive mode.

Will any of this break Anyconnect?  Your assistance in appreciated!

1 person had this problem
Labels:
0 Helpful
1 Reply 1

David Johan Castro Fernandez
Level 3
Level 3

‎03-10-2015 09:42 PM

Hi,

 

It is completely possible, You can disable the aggressive mode from the ASA and it will not affect the AnyConnect beacuse it uses (TLS and DTLS protocols)which is completely different from the IPSec.

 

Now you can disable the aggressive mode as follow:

 

hostname(config)# crypto ikev1 am-disable

 

If you have VPN clients IPSec, they will work with main mode if you use certificate authentication only, not using pre-shared keys.

 

Please don't forget to rate and Mark as correct the helpful Post!

 

David Castro,

 

Regards,

 

 

 

0 Helpful
Customers Also Viewed These Support Documents