Configuring ISAKMP Identity


When IPSec peers authenticate one another during IKE Phase 1 negotiations using a preshared key, the peers also use either an IP address or hostname to authenticate each other. You should set the router's identity to an IP address if you will use only one interface to establish a tunnel with the remote peer. However, if you want to use multiple interfaces to establish an IPSec tunnel, you should set the router's identity to its hostname. The command syntax to configure the router's identity is

 
 Router(config)# crypto isakmp identity {address | hostname} 

For example, if you want to use the router's hostname along with the preshared key to perform authentication, use the following command:

 
 Router(config)# crypto isakmp identity hostname 

Later in this chapter when we discuss crypto maps, you will see how the crypto isakmp identity command is tied to the set peer command in crypto map configuration mode.


By default, the identity command uses the address keyword. Therefore, whatever IP address you configured on a specific interface is used for authentication.
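The hostname identity only authenticates if each peer can map the other's name to an address and has a preshared key entered against that name. The following two-router configuration is an added example, not taken from the book. The router names, the example.com domain, the documentation-range addresses, the policy number, and the <PRESHARED-KEY> placeholder are all assumptions.

```cisco
! ---------- RouterA ----------
hostname RouterA
ip domain-name example.com
!
! Static name-to-address mapping for the peer, used when no DNS server
! is available. Both of RouterB's tunnel-capable interfaces are listed.
ip host RouterB.example.com 198.51.100.1 198.51.100.5
!
crypto isakmp policy 10
 authentication pre-share
!
! Identify this router by hostname instead of the default interface address
crypto isakmp identity hostname
!
! Preshared key stored against the peer's hostname (placeholder key value)
crypto isakmp key <PRESHARED-KEY> hostname RouterB.example.com

! ---------- RouterB ----------
hostname RouterB
ip domain-name example.com
!
ip host RouterA.example.com 192.0.2.1 192.0.2.5
!
crypto isakmp policy 10
 authentication pre-share
!
! The identity type must match on both peers
crypto isakmp identity hostname
!
! Same key value as on RouterA, stored against RouterA's hostname
crypto isakmp key <PRESHARED-KEY> hostname RouterA.example.com
```

If one peer is left at the default address identity while the other uses hostname, the key lookup on each side will not match the identity presented and Phase 1 authentication fails.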




CCSP SECUR Exam Cram 2
CCSP SECUR Exam Cram 2 (642-501)
ISBN: B000MU86IQ
EAN: N/A
Year: 2003
Pages: 291
Authors: Raman Sud
