?
Solved

ASA 5505

Posted on 2011-02-13
6
Medium Priority
?
301 Views
Last Modified: 2012-06-21
Is there a waay to disable AES on a Cisco 5505 and just use the 3DES?
0
Comment
Question by:jbell72
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
6 Comments
 
LVL 34

Expert Comment

by:Istvan Kalmar
ID: 34882415
HI,

yep, please show your config, and we tell you the required commands!
0
 

Author Comment

by:jbell72
ID: 34882576
:) I dont have a config yet, just was wondering if it could be done before we order the ASA's. We are not authorized to use AES so I just wanted to make sure.
0
 
LVL 34

Expert Comment

by:Istvan Kalmar
ID: 34882713
ok..


Don't forget there is 3 type 5505:

ASA-5505-10-BUNK9
ASA-5505-50-BUNK9
ASA-5505-UL-BUNK9

10, 50, UL means how many IP address able to communicate behind the ASA to internet!

Best regards,
Istvan
0
Moving data to the cloud? Find out if you’re ready

Before moving to the cloud, it is important to carefully define your db needs, plan for the migration & understand prod. environment. This wp explains how to define what you need from a cloud provider, plan for the migration & what putting a cloud solution into practice entails.

 
LVL 1

Expert Comment

by:lomaree
ID: 34882885
Hi

Based on your ASA you can choose to use any encryption i.e. AES, DES and 3DES in your configuration for VPN site-2-site tunnels or VPN Dial-In.

HTH
0
 
LVL 18

Accepted Solution

by:
decoleur earned 2000 total points
ID: 34947873
you can enable or disable the features that you want to use, to change from using AES to 3DES look at the example here: http://www.cisco.com/en/US/products/sw/secursw/ps2308/products_configuration_example09186a00801e71c0.shtml

change the following lines:
crypto ipsec transform-set trmset1 esp-aes-256 esp-sha-hmac
to
crypto ipsec transform-set trmset1 esp-3des esp-sha-hmac

and
isakmp policy 10 encryption aes-256
to
isakmp policy 10 encryption 3des

if you do not have aes configured it will never accept an aes connection...

hope this helps,

-t
0
 

Author Comment

by:jbell72
ID: 35121600
THAnk you everyone, will try this this week.
0

Featured Post

Get MongoDB database support online, now!

At Percona’s web store you can order your MongoDB database support needs in minutes. No hassles, no fuss, just pick and click. Pay online with a credit card. Handle your MongoDB database support now!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Envision that you are chipping away at another e-business site with a team of pundit developers and designers. Everything seems, by all accounts, to be going easily.
The well known Cerber ransomware continues to spread this summer through spear phishing email campaigns targeting enterprises. Learn how it easily bypasses traditional defenses - and what you can do to protect your data.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …
Suggested Courses
Course of the Month9 days, 14 hours left to enroll

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question