3Com 10014299 Network Router User Manual


 
IPSec Configuration Example 581
[RouterA] interface serial 0
l Configure IP address of the serial interface
[RouterA-Serial0] ip address 202.38.163.1 255.255.255.0
m Apply security policy group on serial interface
[RouterA-Serial0] ipsec policy policy1
n Configure the route.
[RouterA] ip route-static 10.1.2.0 255.255.255.0 202.38.162.1
o Configure corresponding IKE
[RouterA] ike pre-shared-key abcde remote 202.38.162.1
2 Configure Router B:
a Configure an access list and define the data stream from Subnet 10.1.2.x to Subnet 10.1.1.x.
[RouterB] acl 101
[RouterB-acl-101] rule permit ip source 10.1.2.0 0.0.0.255 destination 10.1.1.0 0.0.0.255
[RouterB-acl-101] rule deny ip source any destination any
b Create the IPSec proposal view named tran1
[RouterB] ipsec proposal tran1
c Adopt tunnel mode as the message-encapsulating form
[RouterB-ipsec-proposal-tran1] encapsulation-mode tunnel
d Adopt ESP protocol as security protocol
[RouterB-ipsec-proposal-tran1] transform esp-new
e Select authentication algorithm and encryption algorithm
[RouterB-ipsec-proposal-tran1] esp-new encryption-algorithm des
[RouterB-ipsec-proposal-tran1] esp-new authentication-algorithm sha1-hmac-96
f Create a security policy with negotiation view as isakmp
[RouterB] ipsec policy use1 10 isakmp
g Quote access list
[RouterB-crypto-map-use1-10] match address 101
h Set remote address
[RouterB-ipsec-policy-use1-10] security acl 101
i Quote IPSec proposal
[RouterB-ipsec-policy-use1-10] proposal tran1
j Configure serial interface Serial0
[RouterB] interface serial 0
[RouterB-Serial0] ip address 202.38.162.1 255.255.255.0
k Apply security policy group on serial interface
[RouterB-Serial0] ipsec policy use1
l Configure the route.
[RouterB] ip route-static 10.1.1.0 255.255.255.0 202.38.163.1
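
A proposal, ACL or policy that is created under one name and quoted under another leaves the interface without a usable security policy, so the references in a configuration like Router B's are worth checking before it is applied. The Python sketch below is an added example, not part of the 3Com manual: the `lint` function is hypothetical, and `ROUTER_B` is a constructed sample built from the commands on this page with the prompts stripped (using the `security acl` form). It reports dangling references and also flags the 56-bit `des` cipher.

```python
import re

# Constructed sample: Router B's commands from this page, prompts stripped.
ROUTER_B = """\
acl 101
rule permit ip source 10.1.2.0 0.0.0.255 destination 10.1.1.0 0.0.0.255
rule deny ip source any destination any
ipsec proposal tran1
encapsulation-mode tunnel
transform esp-new
esp-new encryption-algorithm des
esp-new authentication-algorithm sha1-hmac-96
ipsec policy use1 10 isakmp
security acl 101
proposal tran1
interface serial 0
ip address 202.38.162.1 255.255.255.0
ipsec policy use1
ip route-static 10.1.1.0 255.255.255.0 202.38.163.1
"""

def lint(config):
    """Return findings for dangling ACL/proposal/policy references and DES."""
    acls, proposals, policies = set(), set(), set()
    refs, findings = [], []
    for n, line in enumerate(config.splitlines(), 1):
        line = line.strip()
        if m := re.fullmatch(r"acl (\d+)", line):
            acls.add(m[1])                      # ACL definition
        elif m := re.fullmatch(r"ipsec proposal (\S+)", line):
            proposals.add(m[1])                 # proposal definition
        elif m := re.fullmatch(r"ipsec policy (\S+) \d+ isakmp", line):
            policies.add(m[1])                  # policy definition
        elif m := re.fullmatch(r"security acl (\d+)", line):
            refs.append((n, "acl", m[1], acls))
        elif m := re.fullmatch(r"proposal (\S+)", line):
            refs.append((n, "proposal", m[1], proposals))
        elif m := re.fullmatch(r"ipsec policy (\S+)", line):
            refs.append((n, "policy", m[1], policies))  # applied on interface
        elif re.fullmatch(r"esp-new encryption-algorithm des", line):
            findings.append(f"line {n}: weak cipher des")
    # Resolve references after the full pass so definition order does not matter.
    findings += [f"line {n}: undefined {kind} {name}"
                 for n, kind, name, defined in refs if name not in defined]
    return findings

if __name__ == "__main__":
    print("\n".join(lint(ROUTER_B)))
```
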