Filter
Top Products
Black Box LR11xx Series Router Configurations Guide
38
Black Box1> show crypto dynamic ipsec policy all detail
Policy sales is enabled, User group name sales
Direction is outbound, Action is Apply
Key Management is Automatic
PFS Group is disabled
Match Address:
Protocol is Any
Source ip address (ip/mask/port): (10.0.1.0/255.255.255.0/any)
Destination ip address (ip/mask/port): (any/any/any)
Proposal of priority 1
Protocol: esp
Mode: tunnel
Encryption Algorithm: aes256(key length=256 bits)
Hash Algorithm: sha1
Lifetime in seconds: 3600
Lifetime in Kilobytes: 4608000
Policy INsales is enabled, User group name sales
Direction is inbound, Action is Apply
Key Management is Automatic
PFS Group is disabled
Match Address:
Protocol is Any
Source ip address (ip/mask/port): (any/any/any)
Destination ip address (ip/mask/port): (10.0.1.0/255.255.255.0/any)
Proposal of priority 1
Protocol: esp
Mode: tunnel
Encryption Algorithm: aes256(key length=256 bits)
Hash Algorithm: sha1
Lifetime in seconds: 3600
Lifetime in Kilobytes: 4608000
Step 10: Configure radius server (applicable only if client authentication is configured in dynamic IKE policy)
Black Box1/configure> aaa
Black Box1/configure/aaa> radius
Black Box1/configure/aaa/radius> primary_server 172.168.2.1
Primary Radius server configured.
Black Box1/configure/aaa/radius> secondary_server 192.168.2.1
Secondary Radius server configured.
Black Box1/configure/aaa/radius> exit
Black Box1/configure/aaa> exit
Step 11: Configure firewall policies to allow IKE negotiation through untrusted interface (applicable only if firewall license is also
enabled)