Hot Downloads

Welcome, Guest
Username: Password: Remember me

TOPIC: cisco router ipsec transform sets

cisco router ipsec transform sets 10 years 7 months ago #14411

  • qslrfw
  • qslrfw's Avatar
  • Offline
  • New Member
  • Posts: 1
  • Karma: 0
I have been tasked with removing several redundant transfrom-sets from some cisco router2router IPSEC configurations. Can transform sets be removed "on the fly", without disturbing the Security Association (if it is already built)?. Can someone give me the recommended procedure for removing transform-sets and then making a crypto map use a new transform-set?

--thanks
The administrator has disabled public write access.

Re: cisco router ipsec transform sets 10 years 7 months ago #14425

  • havohej
  • havohej's Avatar
  • Offline
  • Distinguished Member
  • Posts: 152
  • Karma: 0
hi, there is no way to remove a transform set "in the fly".

If you try it, there is an error message at the promtp who says : "first disable de transform set from the crypto map".

so you must first disable the crypto map applied to the interface.
then disable de "set transform set" from the crypto map, and then you must edit or create the new transform set, deleting the old one or editing the new one.
The administrator has disabled public write access.
Time to create page: 0.072 seconds

CCENT/CCNA

Cisco Routers

  • SSL WebVPN
  • Securing Routers
  • Policy Based Routing
  • Router on-a-Stick

VPN Security

  • Understand DMVPN
  • GRE/IPSec Configuration
  • Site-to-Site IPSec VPN
  • IPSec Modes

Cisco Help

  • VPN Client Windows 8
  • VPN Client Windows 7
  • CCP Display Problem
  • Cisco Support App.

Windows 2012

  • New Features
  • Licensing
  • Hyper-V / VDI
  • Install Hyper-V

Linux

  • File Permissions
  • Webmin
  • Groups - Users
  • Samba Setup