+ Reply to Thread
Results 1 to 2 of 2
  1. Junior Member
    Join Date
    Oct 2014
    Location
    Bangalore
    Posts
    17

    Certifications
    CCNA, CCNA Security, JNCIA, JNCIS Security
    #1

    Default Main Mode and Aggressive Mode IPSEC

    Hi,

    I know we use Aggressive mode when one peer has Dynamic IP.
    But why Dynamic IP cannot be used in Main Mode. I was asked this question in an Interview and i was unable to answer.

    Regards,
    Bharath
    Reply With Quote Quote  

  2. Junior Member
    Join Date
    Jan 2017
    Location
    Africa
    Posts
    19

    Certifications
    OSCP, CISSP, CEH, PCNSE7, MCP...
    #2
    Main mode can be used with dynamic IPs.

    Aggressive mode sends IKE ID and hash in clear text (if using pre-shared key). Don't use aggressive mode, force main mode if you can. Even better, use IKEv2.
    Last edited by deadjoe; 10-01-2018 at 12:25 PM.
    Reply With Quote Quote  

+ Reply to Thread

Social Networking & Bookmarks