Home/Support/Support Forum/AN_58-Question[SOLVED]
Welcome to Digi Forum, where you can ask questions and receive answers from other members of the community.


0 votes
Hi All:

Question regarding AN_58.
The Cisco section shows only a single entry under:
crypto ikev2 kering kyr1
peer transport
identity key-id transport
pre-shared-key digidigi

Since there is no "ikev2 remote-authentication pre-shared-key xxxxx" or "ikev2 local-authentication pre-shared-key yyyyyy" statements, does that mean that digidigi is the key for both ends in the digi config in section 3.6?

asked Sep 14, 2020 in Digi TransPort Cellular by jserink Community Contributor (74 points)
edited Oct 15, 2020 by jserink

Please log in or register to answer this question.

1 Answer

0 votes
The answer is yes.
If you want differnt keys for the remote then you do something like this:
crypto ikev2 keyring bob
peer frank
identity key-id frank
pre-shared-key remote thisisfrankspsk

crypto ikev2 profile bobprofile
match identity remote key-id frank
identity local key-id MYCCrouter
authentication remote pre-share
authentication local pre-share key thisisMYrouterkey
keyring local bob
lifetime 14400
dpd 10 2 periodic

And away you go.

answered Oct 15, 2020 by jserink Community Contributor (74 points)