Planning for IKE and IPSec


The most important part of any IPSec implementation is the planning stage. Define all parameters and policies on paper before you touch the router: identify the IPSec gateways, the Phase 1 and Phase 2 parameters to use, what counts as interesting traffic, and the interfaces to which IPSec will be applied.

The goal is to minimize misconfiguration when you enter the actual implementation commands on your router.

A typical security policy would identify items such as those in Table 8.1.

Table 8.1. IPSec Peer Policies

Policy               R1 Configuration    R2 Configuration
-------------------  ------------------  ------------------
Protected networks   30.1.1.0/24         30.2.2.0/24
Transport used       TCP                 TCP
IPSec policy         ESP-DES, AH-MD5     ESP-DES, AH-MD5
IPSec interface      S0/0                S0/0
Peer hostname        R2                  R1
DH authentication    Preshared           Preshared
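
The paper plan in Table 8.1 can also be kept as data and checked for consistency before any router command is typed. The following is an added example, not code from the book: the key names, the `check_plan` and `interesting_traffic` helpers, and the choice to report ESP-DES and AH-MD5 as legacy algorithms are assumptions of the example.

```python
import ipaddress

# Table 8.1 transcribed as data; the key names are this example's own.
PLAN = {
    "R1": {"protected": "30.1.1.0/24", "transport": "TCP",
           "transforms": ["ESP-DES", "AH-MD5"], "interface": "S0/0",
           "peer": "R2", "auth": "Preshared"},
    "R2": {"protected": "30.2.2.0/24", "transport": "TCP",
           "transforms": ["ESP-DES", "AH-MD5"], "interface": "S0/0",
           "peer": "R1", "auth": "Preshared"},
}
# Rows on which both gateways must agree for the tunnel to negotiate.
MUST_MATCH = ("transport", "transforms", "auth")
# Assumption of this example: transforms reported as legacy (warning only).
LEGACY = {"ESP-DES", "AH-MD5"}


def check_plan(plan):
    """Return (errors, warnings) for a two-gateway plan."""
    errors, warnings = [], []
    (a, pa), (b, pb) = plan.items()
    # Each gateway must name the other as its peer.
    if pa["peer"] != b or pb["peer"] != a:
        errors.append(f"peer mismatch: {a}->{pa['peer']}, {b}->{pb['peer']}")
    for row in MUST_MATCH:
        if pa[row] != pb[row]:
            errors.append(f"{row} differs: {a}={pa[row]} {b}={pb[row]}")
    # Overlapping protected networks make the traffic selectors ambiguous.
    if ipaddress.ip_network(pa["protected"]).overlaps(
            ipaddress.ip_network(pb["protected"])):
        errors.append("protected networks overlap")
    for name, p in plan.items():
        if not p["interface"]:
            errors.append(f"{name}: no IPSec interface chosen")
        warnings += [f"{name}: {t} is a legacy algorithm"
                     for t in p["transforms"] if t in LEGACY]
    return errors, warnings


def interesting_traffic(plan, local):
    """(protocol, source, destination) as seen from `local`; the peer's
    selector must be the exact mirror image."""
    here, there = plan[local], plan[plan[local]["peer"]]
    return (here["transport"].lower(), here["protected"], there["protected"])


if __name__ == "__main__":
    print(check_plan(PLAN))
    for gw in PLAN:
        print(gw, interesting_traffic(PLAN, gw))
```

For the plan in Table 8.1 the check returns no errors, and the interesting-traffic selectors for R1 and R2 come out as mirror images of each other.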



CCSP SECUR Exam Cram 2 (642-501)
ISBN: B000MU86IQ
EAN: N/A
Year: 2003
Pages: 291
Authors: Raman Sud
