07-28-2005 10:55 PM
VPN 3000 config guide says that:
"...Group 5 (1536-bits) ...... works only for LAN-to-LAN connections, and for clients using certificates."
but then it also lists this proposal:
"...CiscoVPNClient3DES-MD5-DH5 = Use preshared keys (XAUTH).... Use D-H Group 5 to generate SA keys. This selection
allows XAUTH user-based authentication."
Does this mean that this particular proposal can only be used with LAN-to-LAN connections or is there something I'm missing?
08-03-2005 10:21 PM
Hi,
I have a running connection with VPN Client 4.0.5(D) and Concentrator 3005 Version 4.7.2 with IPSec SAs parameters AES-256 and DH-Group 5 and it works fine.
So it seems that this is working for client connections too and not only for L2L connections.
08-06-2005 04:25 AM
Thank you for your answer,
are you using digital certificates, hybrid authentication or preshared keys?
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide