01-26-2018 07:53 AM - edited 03-12-2019 04:57 AM
trying to configure isakmp policy but cant see the option, please see below
fw/pri/act(config)# crypto isakmp ?
configure mode commands/options:
disconnect-notify Enable disconnect notification to peers
identity Set identity type (address, hostname or key-id)
nat-traversal Enable and configure nat-traversal
reload-wait Wait for voluntary termination of existing connections
before reboot
can't find the policy command
please advise
Solved! Go to Solution.
01-29-2018 02:08 AM
01-26-2018 08:21 AM
Hello @M Mohammed,
For newer versions the command is with IKE, something like this:
crypto ikev1/ikev2 policy ..
Try this and let me know.
HTH
Gio
01-26-2018 08:25 AM
Many thanks G
i have already used the below config, but still the vpn is not coming up
and when i check sh crypto ipsec sa nothing is showing up
crypto ikev1 policy 201
authentication pre-share
encryption aes
hash sha
group 2
lifetime 28800
does it have to be the ikev1 on the other end or they can have ISAKMP POLICY on their end?
01-26-2018 08:32 AM
Hello @M Mohammed,
ISAKMP and IKEv1 are the same it doesn´t matter which one you have configured on your ASA and the other end, if the VPN tunnel doesn´t come up then turn on the debugs and let´s see what is happening:
debug crypto ikev1 250
debug crypto ipsec 250
Share the outputs and let´s for from there.
HTH
Gio
01-26-2018 12:10 PM - edited 01-26-2018 12:17 PM
01-26-2018 02:01 PM
If there is no output then it is likely that something in your config is not right. Can you post all the crypto parts of the config and perhaps we can help find the problem.
HTH
Rick
01-29-2018 02:08 AM
01-29-2018 09:48 AM
Thank you for posting back to the forum and letting us know that you have fixed the problem. I am glad that our suggestions guided you toward identifying and fixing the problem.
HTH
Rick
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide