Hi Piotr After a couple of reloads and re-configuration, it works for me now. I did try adding ip host earlier but didn't work.
Till today, I thought ip host was necessary. But I see it working without ip host command. In Main mode with PSK, we need the IP address for the pre-shared key. But for Aggressive mode, do we need IP address for the pre-shared key? In aggressive, the initiator is going to send hostname as the IKE ID. The remote peer has the pre-shared configued for that hostname. When it replies back, the initiator is going to find the pre-shared key with the IKE ID. In Aggressive mode, is the pre-shared key used for keying material as done for Main mode? Please let me know your thoughts? With regards Kings On Thu, Sep 22, 2011 at 9:58 PM, Piotr Matusiak <[email protected]> wrote: > Hi Kings, > > what about > > ip host router3.king.com 10.20.30.40 > > ?? > > Regards, > Piotr > > > > > > 2011/9/22 Kingsley Charles <[email protected]> > >> Hi all >> >> Is it an issue in IOS or a silly mistake from my side? The following >> configuration doesn't work for me. >> >> >> crypto isakmp key cisco hostname router3.king.com >> crypto isakmp profile prof >> keyring default >> self-identity fqdn >> match identity host router3.king.com >> initiate mode aggressive >> ! >> crypto ipsec transform-set tran esp-3des esp-sha-hmac >> ! >> crypto map cisco 1 ipsec-isakmp >> set peer 10.20.30.40 >> set transform-set tran >> set isakmp-profile prof >> match address 123 >> reverse-route static >> >> >> With regards >> Kings >> >> _______________________________________________ >> For more information regarding industry leading CCIE Lab training, please >> visit www.ipexpert.com >> >> Are you a CCNP or CCIE and looking for a job? Check out >> www.PlatinumPlacement.com <http://www.platinumplacement.com/> >> > >
_______________________________________________ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com Are you a CCNP or CCIE and looking for a job? Check out www.PlatinumPlacement.com
