Solved

ASA 5505

Posted on 2011-02-13
6
300 Views
Last Modified: 2012-06-21
Is there a waay to disable AES on a Cisco 5505 and just use the 3DES?
0
Comment
Question by:jbell72
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
6 Comments
 
LVL 34

Expert Comment

by:Istvan Kalmar
ID: 34882415
HI,

yep, please show your config, and we tell you the required commands!
0
 

Author Comment

by:jbell72
ID: 34882576
:) I dont have a config yet, just was wondering if it could be done before we order the ASA's. We are not authorized to use AES so I just wanted to make sure.
0
 
LVL 34

Expert Comment

by:Istvan Kalmar
ID: 34882713
ok..


Don't forget there is 3 type 5505:

ASA-5505-10-BUNK9
ASA-5505-50-BUNK9
ASA-5505-UL-BUNK9

10, 50, UL means how many IP address able to communicate behind the ASA to internet!

Best regards,
Istvan
0
2017 Webroot Threat Report

MSPs: Get the facts you need to protect your clients.
The 2017 Webroot Threat Report provides a uniquely insightful global view into the analysis and discoveries made by the Webroot® Threat Intelligence Platform to provide insights on key trends and risks as seen by our users.

 
LVL 1

Expert Comment

by:lomaree
ID: 34882885
Hi

Based on your ASA you can choose to use any encryption i.e. AES, DES and 3DES in your configuration for VPN site-2-site tunnels or VPN Dial-In.

HTH
0
 
LVL 18

Accepted Solution

by:
decoleur earned 500 total points
ID: 34947873
you can enable or disable the features that you want to use, to change from using AES to 3DES look at the example here: http://www.cisco.com/en/US/products/sw/secursw/ps2308/products_configuration_example09186a00801e71c0.shtml

change the following lines:
crypto ipsec transform-set trmset1 esp-aes-256 esp-sha-hmac
to
crypto ipsec transform-set trmset1 esp-3des esp-sha-hmac

and
isakmp policy 10 encryption aes-256
to
isakmp policy 10 encryption 3des

if you do not have aes configured it will never accept an aes connection...

hope this helps,

-t
0
 

Author Comment

by:jbell72
ID: 35121600
THAnk you everyone, will try this this week.
0

Featured Post

Visualize your virtual and backup environments

Create well-organized and polished visualizations of your virtual and backup environments when planning VMware vSphere, Microsoft Hyper-V or Veeam deployments. It helps you to gain better visibility and valuable business insights.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Explore the encryption capabilities built into Google Apps and how these features can help you meet privacy policy and regulatory compliance, but are not a full solution. Understand and compare the most popular email encryption services for Google A…
In 2017, ransomware will become so virulent and widespread that if you aren’t a victim yourself, you will know someone who is.
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…

729 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question