Cisco CISCO876-K9 Configuration Guide - Page 70
Con the IKE Policy
UPC - 882658036880
View all Cisco CISCO876-K9 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 70 highlights
Configure the IKE Policy Chapter 6 Configuring a VPN Using Easy VPN and an IPSec Tunnel Configure the IKE Policy Perform these steps to configure the Internet Key Exchange (IKE) policy, beginning in global configuration mode: Step 1 Step 2 Command or Action crypto isakmp policy priority Example: Router(config)# crypto isakmp policy 1 Router(config-isakmp)# encryption {des | 3des | aes | aes 192 | aes 256} Example: Router(config-isakmp)# encryption 3des Router(config-isakmp)# Purpose Creates an IKE policy that is used during IKE negotiation. The priority is a number from 1 to 10000, with 1 being the highest. Also enters the Internet Security Association Key and Management Protocol (ISAKMP) policy configuration mode. Specifies the encryption algorithm used in the IKE policy. The example specifies 168-bit data encryption standard (DES). Step 3 Step 4 hash {md5 | sha} Example: Router(config-isakmp)# hash md5 Router(config-isakmp)# Specifies the hash algorithm used in the IKE policy. The example specifies the Message Digest 5 (MD5) algorithm. The default is Secure Hash standard (SHA-1). authentication {rsa-sig | rsa-encr | pre-share} Example: Router(config-isakmp)# authentication pre-share Router(config-isakmp)# Specifies the authentication method used in the IKE policy. The example specifies a pre-shared key. Step 5 group {1 | 2 | 5} Example: Router(config-isakmp)# group 2 Router(config-isakmp)# Specifies the Diffie-Hellman group to be used in an IKE policy. Step 6 lifetime seconds Example: Router(config-isakmp)# lifetime 480 Router(config-isakmp)# Specifies the lifetime, 60-86400 seconds, for an IKE security association (SA). Step 7 exit Example: Router(config-isakmp)# exit Router(config)# Exits IKE policy configuration mode, and enters global configuration mode. Cisco 850 Series and Cisco 870 Series Access Routers Software Configuration Guide 6-4 OL-5332-01