Main Mode and Aggressive Mode IPSEC

Hi,

I know we use Aggressive mode when one peer has Dynamic IP.
But why Dynamic IP cannot be used in Main Mode. I was asked this question in an Interview and i was unable to answer.

Regards,
Bharath

Find more posts tagged with

Comments

deadjoe

Main mode can be used with dynamic IPs.

Aggressive mode sends IKE ID and hash in clear text (if using pre-shared key). Don't use aggressive mode, force main mode if you can. Even better, use IKEv2.

Quick Links

All Categories
Recent Posts
Activity
Unanswered
Groups
Best Of