From Internetworkpro
| This page or section provides device configuration instructions
Please note that the information on this page has not been checked for accuracy and is not intended as a replacement to documentation. Please ensure you understand your desired objectives before attempting to apply any examples listed. See more examples at Category:Configuration |
|
| This page or section provides VPN Configuration examples
The collection of articles under the VPN Category help to describe simple and complex VPN setups. These are often confusing and complicated so the Internetworkpro Wiki is attempting to create examples for many VPN setups - Site to site, remote access, automatic, one-way, ipsec, pptp, gre, vpdn, easyvpn, ssl, etc. Please ensure you understand your desired objectives before attempting to apply any examples listed. Guidance can be provided on irc://freenode.net/cisco See more examples at Category:ConfigurationSee more VPN configuration at Category:VPN |
[edit] Overview
After trying to set up remote access IPSec VPN on my ASA5540, I was unable to connect using the Cisco VPN Client. After running debug crypto isakmp 255, I found that there were a total of 14 ISAKMP transform set configurations that the client will try before giving up. Please keep in mind that this list is for IPSec remote access only.
This is a list of possible configurations:
ISAKMP Transform Set List
| Transform # | Encryption | Hashing | Group | Authentication
|
| 1
| AES-256 | SHA1 | Group 2 | xauth
|
| 2
| AES-256 | MD5 | Group 2 | xauth
|
| 3
| AES-256 | SHA1 | Group 2 | PSK
|
| 4
| AES-256 | MD5 | Group 2 | PSK
|
| 5
| AES-128 | SHA1 | Group 2 | xauth
|
| 6
| AES-128 | MD5 | Group 2 | xauth
|
| 7
| AES-128 | SHA1 | Group 2 | PSK
|
| 8
| AES-128 | MD5 | Group 2 | PSK
|
| 9
| 3DES | SHA1 | Group 2 | xauth
|
| 10
| 3DES | MD5 | Group 2 | xauth
|
| 11
| 3DES | SHA1 | Group 2 | PSK
|
| 12
| 3DES | MD5 | Group 2 | PSK
|
| 13
| DES | MD5 | Group 2 | xauth
|
| 14
| DES | MD5 | Group 2 | PSK
|
--IPv6Freely 13:43, 25 August 2008 (CDT)
