03-12-2008 06:34 AM
Hi, I have a couple of remote clients using a Cisco VPN concentrator who connect to our VPNSM through an IPSEC encrypted tunnel. On my end, I configure my transform-set to MD5 but it seems that on the remote end they have to configure Phase 2 to SHA in order to get the tunnel to work. I would have assumed that the tunnel wouldn't have even come up if both ends didn't match for the encryption piece?? Anyone else have a similar situation and can explain to me why this would even work? thanks
03-18-2008 07:20 AM
Security parameters have to be same on both the ends. Only then the tunnel would come up. I still haven't seen a working configuration with mismatch in security parameters.
03-18-2008 07:24 AM
Thanks for the reply and that's what I thought too. Doesn't make any sense to me.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide