Re: Ipsec tunnel VPN

shaikh.zaid22 · ‎12-30-2020

Is it possible to create ipsec vpn with one phase 1 parameters defined, whereas the phase 2 parameters kept non or default at both ends?

Does the tunnel will be created ? if the tunnel is created then the data traversing will be plaintext ?

I dont have a license for vpn and was just curious to know if it is possible.

Rob Ingram · ‎12-30-2020

@shaikh.zaid22 You need to define Phase 2 parameters, most devices have defaults - these do differ between versions. These Phase 2 parameters must be the same as used with the peer device, if they don't match then a tunnel will not be formed.

What hardware device are you referring to? If it's a router, then you can use a GRE tunnel, which would not require IPSec and data transferred unencrypted.

balaji.bandi · ‎12-30-2020

As long as both the side parameter matches, the tunnel will be enabled.

how secure is this config is - other question related to business ?

BB

=====Preenayamo Vasudevam=====

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

MHM Cisco World · ‎12-30-2020

why IPSec if you need plaintext
use VTI or GRE.

shaikh.zaid22 · ‎12-30-2020

Actually i dont have the license the IPsec VPN and was wondering if it can be acvieved.

Yes via GRE tunnel we can achieve on router.

balaji.bandi · ‎12-31-2020

Then you have only option of GRE if you do not have advanced License.

Then do some ACL also helps.

BB

=====Preenayamo Vasudevam=====

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help