VPN Configuring IKE
1. Document your IKE Phase 1 negotiation criteria (example below)
   - Encryption algorithm: AES-128
   - Hashing: SHA-1
   - Authentication: pre-shared
   - Key exchange: Diffie-Hellman Group 2
2. Document your IPSec (IKE Phase 2) negotiation criteria (example below)
   - Encryption algorithm: esp-aes 128
   - Authentication: esp-sha-hmac
Configuring IKE Phase 1:
1. Enable ISAKMP
    crypto isakmp enable
2. Create ISAKMP Policy
    crypto isakmp policy 100
     encryption aes 128
     authentication pre-share
     group 2
     hash sha
3. Configure ISAKMP Identity
    crypto isakmp identity
4. Configure pre-shared keys
    crypto isakmp key
Configuring IKE Phase 2:
1. Create transform sets
    crypto ipsec transform-set
    crypto ipsec transform-set JEREMY esp-aes 128 esp-sha-hmac
2. Configure IPSec lifetime (optional)
    crypto ipsec security-association lifetime
3. Create mirrored ACLs defining traffic to be encrypted and the traffic expected to be received encrypted
4. Configure IPSec crypto-map
    crypto map
    crypto map MAP 100 ipsec-isakmp
     match address
     set peer
     set pfs
     set transform-set
Verify:
    show crypto isakmp policy
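
An added example, not part of the original post: a small Python check that reads `crypto isakmp policy` blocks in the configuration form used above and reports parameters commonly treated as legacy (MD5/SHA-1, DES/3DES, DH groups 1, 2 and 5) or left to device defaults. The sample config, policy 110 and the lists of weak values are constructed assumptions; adjust them to your own policy.

```python
import re

# Values treated as legacy in this example (assumption; tune to your own policy).
WEAK = {"encryption": {"des", "3des"},
        "hash": {"md5", "sha"},        # "sha" in IOS config means SHA-1
        "group": {"1", "2", "5"}}

# Constructed sample: policy 100 mirrors the post, policy 110 is hypothetical.
SAMPLE = """\
crypto isakmp policy 100
 encryption aes 128
 authentication pre-share
 group 2
 hash sha
!
crypto isakmp policy 110
 encryption aes 256
 hash sha256
 authentication pre-share
 group 14
"""

def parse_policies(config):
    """Return {priority: {keyword: value}} for each 'crypto isakmp policy' block."""
    policies, current = {}, None
    for raw in config.splitlines():
        line = raw.strip()
        m = re.match(r"crypto isakmp policy (\d+)$", line)
        if m:
            current = policies.setdefault(int(m.group(1)), {})
        elif current is not None and raw[:1].isspace() and line:
            key, _, value = line.partition(" ")   # indented sub-command
            current[key] = value
        elif line:
            current = None                        # top-level line ends the block
    return policies

def audit(config):
    """Return (priority, finding) tuples for legacy or unset parameters."""
    findings = []
    for prio, params in sorted(parse_policies(config).items()):
        for key, weak in WEAK.items():
            value = params.get(key)
            if value is None:
                findings.append((prio, f"{key} not set, device default applies"))
            elif value.split()[0] in weak:
                findings.append((prio, f"legacy {key}: {value}"))
    return findings

if __name__ == "__main__":
    for prio, finding in audit(SAMPLE):
        print(f"policy {prio}: {finding}")
```

Both peers must carry a matching policy, so run the same check against each side's configuration before changing values.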