I have a question in regards to setting up an IPSEC Site-To-Site tunnel.
In creation of the tunnel (either by going through the wizard or manually) there is a step to setup the IKE Proposal. From my understanding, this is a global priority list that is referenced between peers. However, I have many connection profiles setup between our ASA and multiple Vendors. Is there a way to specify the IKE Proposal by Connection Profile instead of by global priorities?
I have a scenario where the IKE Proposal is resulting in a 3des-sha encryption but both I and the vendor expect it to be setup using AES-128-sha.
If I were to change the global priority, would there be anything that would significantly break? Would changing the priority to have the 3des encryption with a higher number sever the connections that are currently using it?
Thanks