I don't have anything else on the routers..interface config and routing, it's a clean setup just to play with the aggressive mode. Even if I had a wildcard preshared key, hostname is used as the IKE identity so should not match on an address based wildcard. At least this is what I would expect.
On Fri, Jun 15, 2012 at 1:06 AM, Eugene Pefti <[email protected]>wrote: > Doesn’t make sense to me either. > It's like you mentioned DNS or "ip host" entry that resolves hostname to > IP. Any leftovers "crypto isakmp peer hostname" by any chance ? Or a wild > card 0.0.0.0 pre-shared key ? > What happens if you remove the part for aggressive mode ? Does R1 > authenticate R7 ? > I remember there was a trick in one of the labs and even an error in the > solution guide but in your case it is kind of academic. > > From: Imre Oszkar <[email protected]> > Date: Thursday, June 14, 2012 2:57 PM > To: ccie security <[email protected]> > Subject: [OSL | CCIE_Security] aggressive mode with hostname IKE ID > > crypto isakmp peer address >
_______________________________________________ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com Are you a CCNP or CCIE and looking for a job? Check out www.PlatinumPlacement.com
