5 CommentsCruft, Security

I had quite a bit of trouble getting this to work the other day.  After some googling I came across this thread over on 6200networks.com.  I had matched up the config he had listed just by chance because I was also enabling an L2L VPN.  However, I still couldn’t get it to work.  The trick was to change the IPSEC transform set to AES-256.  After that it was smooth sailing.  I posted a comment over there but he hasn’t approved it yet.

I’ve discovered ISAKMP profiles too.  Very cool!

Comments (5)

  1. ndouba

    Reply

    What were the changes you performed exactly? Did you change the encryption entry and the transform set?

  2. scott

    Reply

    Simply changed the transform set to AES-256.  He posted a follow up on 6200 and it might have been more related to the ver of IOS I was running, oddly enough.

  3. Bill Taney

    Reply

    For some reason it never get’s past
    May 4 16:23:40.382 CST: %CRYPTO-6-IKMP_MODE_FAILURE: Processing of Aggressive mode failed with peer at 166.137.143.134

  5. Pingback: iPhone VPN and Cisco IOS, Part2 - The Cruft Of My Brain

Leave a comment

Your email address will not be published. Required fields are marked *