Filter
Top Products
Example 5: IPSec remote access
41
Step 1: As in Step1 of Example 1
Step 2: As in Step2 of Example 1
Step 3: As in Step3 of Example 1
Step 4: Configure dynamic IKE policy for a group of mobile users
Black Box1/configure> crypto
Black Box1/configure/crypto> dynamic
Black Box1/configure/crypto/dynamic> ike policy sales modecfg-group
Black Box1/configure/crypto/dynamic/ike/policy sales> local-address 192.168.55.52
Black Box1/configure/crypto/dynamic/ike/policy sales> remote-id email david@Blackbox.com
The default proposal is created with priority1-des-sha1-pre_shared-g1, the Key String has to be configured by the user, and the
default IPSec proposal 'sales' added with priority1-3des-sha1-tunnel.
Black Box1/configure/crypto/dynamic/ike/policy sales> remote-id email mike@Blackbox.com
Black Box1/configure/crypto/dynamic/ike/policy sales> key secretkeyforsales
Black Box1/configure/crypto/dynamic/ike/policy sales> proposal 1
Black Box1/configure/crypto/dynamic/ike/policy sales/proposal 1> encryption-algorithm
3des-cbc
Black Box1/configure/crypto/dynamic/ike/policy sales/proposal 1> exit
Black Box1/configure/crypto/dynamic/ike/policy sales> client configuration
Black Box1/configure/crypto/dynamic/ike/policy sales/client/configuration> address-
pool 1 20.1.1.100 20.1.1.150
Black Box1/configure/crypto/dynamic/ike/policy sales/client/configuration> exit
Black Box1/configure/crypto/dynamic/ike/policy sales> exit
Black Box1/configure/crypto/dynamic> exit
Step 5: Display dynamic IKE policies
Tasman #1
VPN Server
172.16.0.1
Mode Config IP
Pool:
10.0.1.100-
10.0.1.150
Corporate
Headquarters
10.0.1.0/24
I
P
S
E
C
T
U
N
N
E
L
VPN Client 1
Local Outer Address:
Dynamic
Local Inner Assigned
Address: 10.0.1.100/32
Local ID:
david@tasmannetworks.
com
I
P
S
E
C
T
U
N
N
E
L
VPN Client 2
Local Outer Address:
Dynamic
Local Inner Assigned
Address: 10.0.1.101/32
Local ID:
mike@tasmannetworks.
com
Black Box 1
blackbox.com
blackbox.com