We have a Cisco 3845 router which terminates more than 80 VPN site-to-site tunnels at all the time. However, as all peer routers are configured to use the "Main mode" authorization to connect to this core router, I've disabled the aggressive mode on this Cisco 3845 by using this command: "crypto isakmp aggressive-mode disable". So, from then I assume that no more responding to any aggressive mode requests from any one out there on the internet, and everything continued working fine. BUT, we have lots of notice log messages from this router. Here is the error massage: "CRYPTO-5-IKMP_AG_MODE_DISABLED: Unable to initiate or respond to Aggressive Mode while disabled".
So, we are getting more than 300 messages every hour! I need to stop this ASAP as it is filing up our logserver space. Is there anyhwere to go around this without re-enabling aggressive mode which I believe could be somehow a security hole?
Thanks in advance.