We find an attack that use public information combination to replace public key, which lead to some certificateless key agreement scheme is not secure. In this paper, we propose a certificateless key agreement for acrossing administrative domains without bilinear pairing to resolve the above problem. Our scheme is secure as long as each user has at least one secure secret. Our scheme proposes that each user needs 6 times of elliptic curve scalar multiplication for computing session key, and it can resist attack that use public information combination to replace public key.