Various Policy Parameters for IKE Phase 1

Previous page
Table of content
Next page

Once you are in ISAKMP configuration mode, you can enter your IKE parameters, such as authentication method, encryption algorithm, hash algorithm, and so on: 

 
 R1 (config-isakmp)# ?

Following is a list of ISAKMP commands:

Authentication

Set an authentication method for protection suite

Default

Set a command to its defaults

Encryption

Set an encryption algorithm for the protection suite

Exit

Exit from ISAKMP protection suite configuration mode

Group

Set the D-H group

Hash

Set the hash algorithm for the protection suite

Lifetime

Set the lifetime for the ISAKMP SA

No

Negate a command or set its defaults

Using the example earlier, the policy we defined for IKE Phase 1 appears in Table 8.3.

Table 8.3. IKE Phase 1 Configuration Parameters

Policy

R1 Configuration

R2 Configuration

Preshared key

cisco

cisco

Encryption algorithm

DES

DES

Hash algorithm

SHA-1

SHA-1

D-H group

Group 1

Group 1

Phase 1 lifetime

12 hours

12 hours

An example of an IKE phase 1 policy for R1 would be 

 
 R1 (config)# crypto isakmp policy 10 R1 (config-isakmp)# authentication pre-share R1 (config-isakmp)# encryption des R1 (config-isakmp)# hash sha-1 R1 (config-isakmp)# group 1 R1 (config-isakmp)# lifetime 43200

Previous page
Table of content
Next page
CCSP SECUR Exam Cram 2
CCSP SECUR Exam Cram 2 (642-501)
ISBN: B000MU86IQ
EAN: N/A
Year: 2003
Pages: 291
Authors: Raman Sud
BUY ON AMAZON
Building Web Applications with UML (2nd Edition)
Cisco IOS Cookbook (Cookbooks (OReilly))
101 Microsoft Visual Basic .NET Applications
Persuasive Technology: Using Computers to Change What We Think and Do (Interactive Technologies)
Special Edition Using FileMaker 8
Cultural Imperative: Global Trends in the 21st Century
flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net
Privacy policy