BY DEFAULT, it is always " MAIN MODE right ? ! " regards,
Kamran Shakil ITA NDC Operations Engineer MidEast Data Systems LLC Oman Cell: + 968 95804126 Office: + 968 24576640 http://www.mynameise.com/kamranshakil77 Confidentiality Warning: "This message and any attachments are intended only for the use of the intended recipient(s), are confidential, and may be privileged. If you are not the intended recipient, you are hereby notified that any review, retransmission, conversion to hard copy, copying, circulation or other use of all or any portion of this message and any attachments is strictly prohibited. If you are not the intended recipient, please notify the sender immediately by return e-mail, and delete this message and any attachments from your system." -----Original Message----- From: Kingsley Charles [mailto:[email protected]] Sent: Tue 12/7/2010 9:32 PM To: Kamran Shakil Cc: [email protected] Subject: Re: [OSL | CCIE_Security] GETVPN and DMVPN ...( Need clarification only) *on IOS* crypto isakmp peer address or ISAKMP profiles *On ASA* asa(config)# crypto map cisco 1 set phase1-mode ? configure mode commands/options: aggressive Set aggressive mode main Set main mode With regards Kings On Tue, Dec 7, 2010 at 10:48 PM, Kamran Shakil <[email protected]>wrote: > > great !!! :) thanks mate. > > > well, last query.... : " is it possible that in the configuration we can > force phase i sa to be aggressive rather than main mode .??? " i do not see > any clue or command to forcefully engage Aggressive mode in ike phase 1 > ...... , i know that aggressive mode has 3 msgs and main mode has 6 msg > exchanges, yet do not see > any command where i can do a selection among the phase i modes of > negotiation ?????? > > > regards, > > Kamran Shakil > ITA NDC Operations Engineer > MidEast Data Systems LLC Oman > Cell: + 968 95804126 > Office: + 968 24576640 > http://www.mynameise.com/kamranshakil77 > > Confidentiality Warning: > "This message and any attachments are intended only for the use of the > intended recipient(s), are confidential, and may be privileged. If you are > not the intended recipient, you are hereby notified that any review, > retransmission, conversion to hard copy, copying, circulation or other use > of all or any portion of this message and any attachments is strictly > prohibited. If you are not the intended recipient, please notify the sender > immediately by return e-mail, and delete this message and any attachments > from your system." > > > > -----Original Message----- > From: Kingsley Charles [mailto:[email protected]] > Sent: Tue 12/7/2010 8:56 PM > To: Kamran Shakil > Cc: [email protected] > Subject: Re: [OSL | CCIE_Security] GETVPN and DMVPN ...( Need clarification > only) > > Comments inline. > > With regards > Kings > > On Tue, Dec 7, 2010 at 10:09 PM, Kamran Shakil <[email protected] > >wrote: > > > hi all, > > > > i have some practice labs and just fnished sections of ASA and IOS FW. > > > > Now moved to VPN...well i had 2 simple queries ... > > > > > > 1> does DMVPN works only on routers ??? " i see no lab involving asa > > firewalls for dmvpn.... " > > > > If you are talking DMVPN using NHRP, then it is supported on IOS only. > > > > > 2> does getvpn works only on routers???? " for this also , i do not find > > any lab on ine or ccbootcamp or on cisco website documentation" > > > > Works on IOS only. > > > > Need expert advice, plz... my lab is in first week of march 2011 > > > > regards, > > > > Kamran Shakil > > ITA NDC Operations Engineer > > MidEast Data Systems LLC Oman > > Cell: + 968 95804126 > > Office: + 968 24576640 > > http://www.mynameise.com/kamranshakil77 > > > > Confidentiality Warning: > > "This message and any attachments are intended only for the use of the > > intended recipient(s), are confidential, and may be privileged. If you > are > > not the intended recipient, you are hereby notified that any review, > > retransmission, conversion to hard copy, copying, circulation or other > use > > of all or any portion of this message and any attachments is strictly > > prohibited. If you are not the intended recipient, please notify the > sender > > immediately by return e-mail, and delete this message and any attachments > > from your system." > > > > > > ______________________________________________________________________ > > This email has been scanned by the MessageLabs Email Security System. > > For more information please visit http://www.messagelabs.com/email > > ______________________________________________________________________ > > _______________________________________________ > > For more information regarding industry leading CCIE Lab training, please > > visit www.ipexpert.com > > > > > ______________________________________________________________________ > This email has been scanned by the MessageLabs Email Security System. > For more information please visit http://www.messagelabs.com/email > ______________________________________________________________________ > ______________________________________________________________________ This email has been scanned by the MessageLabs Email Security System. For more information please visit http://www.messagelabs.com/email ______________________________________________________________________ _______________________________________________ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com
