After you plan for IKE and IPSec and verify the router's current configuration, it is time to implement IPSec. You can always use the show running-config to verify a router's current configuration. Another good command is show access-lists . You use this command because you need to ensure that your current ACLs are not blocking IPSec protocols. Prior to implementing IKE and IPSec, you fully plan the implementation.
The first stage of implementation is configuring the IKE security parameters. The IKE security parameters are only for the IKE tunnel, not the IPSec tunnel. The IKE tunnel is used to securely negotiate the security parameters that will be used for the IPSec tunnel.
|