[2 days left] What’s wrong with your cloud strategy? Learn why multicloud solutions matter with Nimble Storage.Register Now

x
?
Solved

ASA 5505

Posted on 2011-02-13
6
Medium Priority
?
303 Views
Last Modified: 2012-06-21
Is there a waay to disable AES on a Cisco 5505 and just use the 3DES?
0
Comment
Question by:jbell72
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
6 Comments
 
LVL 34

Expert Comment

by:Istvan Kalmar
ID: 34882415
HI,

yep, please show your config, and we tell you the required commands!
0
 

Author Comment

by:jbell72
ID: 34882576
:) I dont have a config yet, just was wondering if it could be done before we order the ASA's. We are not authorized to use AES so I just wanted to make sure.
0
 
LVL 34

Expert Comment

by:Istvan Kalmar
ID: 34882713
ok..


Don't forget there is 3 type 5505:

ASA-5505-10-BUNK9
ASA-5505-50-BUNK9
ASA-5505-UL-BUNK9

10, 50, UL means how many IP address able to communicate behind the ASA to internet!

Best regards,
Istvan
0
Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
LVL 1

Expert Comment

by:lomaree
ID: 34882885
Hi

Based on your ASA you can choose to use any encryption i.e. AES, DES and 3DES in your configuration for VPN site-2-site tunnels or VPN Dial-In.

HTH
0
 
LVL 18

Accepted Solution

by:
decoleur earned 2000 total points
ID: 34947873
you can enable or disable the features that you want to use, to change from using AES to 3DES look at the example here: http://www.cisco.com/en/US/products/sw/secursw/ps2308/products_configuration_example09186a00801e71c0.shtml

change the following lines:
crypto ipsec transform-set trmset1 esp-aes-256 esp-sha-hmac
to
crypto ipsec transform-set trmset1 esp-3des esp-sha-hmac

and
isakmp policy 10 encryption aes-256
to
isakmp policy 10 encryption 3des

if you do not have aes configured it will never accept an aes connection...

hope this helps,

-t
0
 

Author Comment

by:jbell72
ID: 35121600
THAnk you everyone, will try this this week.
0

Featured Post

Free Tool: IP Lookup

Get more info about an IP address or domain name, such as organization, abuse contacts and geolocation.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

If you thought ransomware was bad, think again! Doxware has the potential to be even more damaging.
In 2017, ransomware will become so virulent and widespread that if you aren’t a victim yourself, you will know someone who is.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …
Suggested Courses
Course of the Month13 days, 14 hours left to enroll

656 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question