12-12-2019 01:36 AM
Hello,
I'm trying to put a IOS XE router in two different FlexVPNs whose proposals not intersecting. The router has one WAN interface with one public IP so I can't distinguish policies by IP or VRF. Is it possible to configure different proposals for each neighbour in this case?
Regards,
Maxim
Solved! Go to Solution.
12-12-2019 02:48 AM
12-12-2019 01:58 AM
Hi,
The IKE proposals are not tied to specific peers. So you can just define multiple algorithms and the peers will negotiate, obviously there needs to be at least one common proposal.
HTH
12-12-2019 02:04 AM
12-12-2019 02:20 AM
12-12-2019 02:39 AM - edited 12-12-2019 02:41 AM
There is my network where I don't want to permit weaker ciphers, I'm configuring the hub. I need to connect to foreign network which permits DES. I'd like to receive AES encrypted traffic from my network and route it to foreign network encrypted with DES. I know that proposals are ordered, I have read IKEv2 documentation but hoped there is a way to distinguish between neighbours using only one IP.
12-12-2019 02:48 AM
12-12-2019 02:53 AM
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide