ASA trivia: ASA 8.4 will convert the keyword isakmp to ikev1 !
I have always felt it was a misjudgement on Cisco to use the isakmp keyword. All of you who have suffered through RFC 2407-2409 would know that ISAKMP is an abstract framework and the wire protocol is IKEv1. This schizophrenia was rampant in Cisco documentation and 3rd party books; confusing the terms ISAKMP and IKEv1, equating the two terms, and generally confusing the heck out of learners. Even the Deal book says something like "ISAKMP also known as IKE" - ouch, ouch, ouch. In recent documentation and the ASDM GUIs Cisco had been trying to correct this mistake; the documentation correctly refers to IKE (and the use of the isakmp keyword instead) and the GUIs show "IKE Policies"; though it must be disconcerting to students to see them turned into "crypto isakmp..." commands. Now that the CLI clearly uses crypto ikev1 and crypto ikev2m it makes much more sense. Anyway, I also understand that ISR's will not have IKEv2, even in 15.0/15.1. When the syllabus switches to ISR G2 and IKEv2, that is going to be one painful round of upgrades. Cheers Richard
_______________________________________________ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com
