Link to home
Start Free TrialLog in
Avatar of Rubicon2009
Rubicon2009

asked on

What is a crypto isakmp policy and why should I need more than one ?

Hi !

I have 4 "crypto isakmp policy" in my configuration but only one transform-set (crypto ipsec transform-set ESP-3DES-SHA esp-3des esp-sha-hmac)

why should I need more than one policy ?

Also what is the meaning of "group 2" into a policy ?

I use site-to-site vpn and Cisco VPN client (I guess it's IPSEC) in an hub and spoke infrastructure.

Thank You !

-Martin
Avatar of Rubicon2009
Rubicon2009

ASKER

Also what is the difference between "encr 3des" and "hash md5" ?
Both are in different policy.
ASKER CERTIFIED SOLUTION
Avatar of Qlemo
Qlemo
Flag of Germany image

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
SOLUTION
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
HI,

If you use older VPN clients you need to use different policy groups, so thats why you use more policy groupü than one!

Best regards,
Istvan