Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations Chris Miller on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

question about 3des

Status
Not open for further replies.
Oh

Oh

IS-IT--Management
Jun 24, 2002
92
JP
Hello:
I have a question: I upgraded our pixs active key to 3des, if I still config like "crypto ipsec transform-set Myset esp-des esp-md5-hmac" at both peer side, does it work? If I setting one side as DES and other side as 3DES, what happens? and How about setting like "isakmp policy 20 encryption 3des"?
thanks!
 
Sort by date Sort by votes
Let's break this question up into three parts.

1. Can you use DES even though you've upgraded the license to 3DES? The answer is yes.

2. If I setting one side as esp-des and other side as 3DES, what happens? It won't be able to negotiate a common transformset. The key is to have a common transformset that both ends can agree on first.

3. How about setting like "isakmp policy 20 encryption 3des"? The IKE policy must be agreed on both sides as well. Policy numbers do not have to be exactly the same.

Hope this helps.
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

intel233
  • Locked
  • Question
Cisco ASA - VPN Question
Replies
6
Views
596
intel233
intel233
GeorgeAlba
  • Locked
  • Question
What do you think about this proxy
Replies
0
Views
178
GeorgeAlba
GeorgeAlba
NoCoolHandle
  • Locked
  • Question
TLS 1.0 vrs TLS 1.1 vrs 1.2 connection strategy question
Replies
1
Views
124
ChrisHirst
ChrisHirst
J001
  • Locked
  • Question
Checkpoint Upgrade Question
Replies
0
Views
86
J001
J001
barbastica
  • Locked
  • Question
Cisco PIX Fierwall- SSH authentication question
Replies
0
Views
120
barbastica
barbastica

Part and Inventory Search

Sponsor

Back
Top