Filter
Top Products
Black Box LR11xx Series Router Configurations Guide
42
Black Box1> show crypto dynamic ike policy all
Policy Remote-id Mode Transform Address-Pool
------ --------- ---- --------- ------------
sales U david@BlackBox... Aggressive P1 pre-g1-3des-sha1 1 S 20.1.1.100
E20.1.1.150
Step 6: Display dynamic IKE policies in detail
Black Box1> show crypto dynamic ike policy all detail
Policy name sales, Modeconfig group
Aggressive mode, Response Only, PFS is not enabled, Shared Key is *****
Local addr: 192.168.55.52, Local ident 192.168.55.52 (ip-address)
Remote idents are david@Blackbox.com (email-id), mike@Blackbox.com (email-id)
Address Pool:
Pool# 1: 20.1.1.100 to 20.1.1.150
Proposal of priority 1
Encryption algorithm: 3des
Hash Algorithm: sha1
Authentication Mode: pre-shared-key
DH Group: group1
Lifetime in seconds: 86400
Lifetime in kilobytes: unlimited
Step 7: Configure dynamic IPSec policy for a group of mobile users
Black Box1/configure/crypto>
Black Box1/configure/crypto> dynamic
Black Box1/configure/crypto/dynamic> ipsec policy sales modecfg-group
Black Box1/configure/crypto/dynamic/ipsec/policy sales> match address 10.0.1.0 24
Black Box1/configure/crypto/dynamic/ipsec/policy sales> proposal 1
Black Box1/configure/crypto/dynamic/ipsec/policy sales/proposal 1> encryption-algorithm
aes256-cbc
Black Box1/configure/crypto/dynamic/ipsec/policy sales/proposal 1> exit
Black Box1/configure/crypto/dynamic/ipsec/policy sales> exit
Black Box1/configure/crypto/dynamic> exit
Step 8: Display dynamic IPSec policies
Black Box1> show crypto dynamic ipsec policy all
Policy Match Proto Transform
------ ----- ----- ---------
sales S 10.0.1.0/24/any Any P1 esp-aes-sha1-tunl
D any/any/any
Step 9: Display dynamic IPSec policies in detail