 | |
| Prepare a Router for Site-to-Site VPN using Pre-shared Keys |
|
 | |
| IPSec encryption with pre-shared keys |
 |
| Planning the IKE and IPSec policy |
 |
| Step 1 – Determine ISAKMP (IKE Phase 1) policy |
 |
| Step 2 – Determine IPSec (IKE Phase 2) policy |
 |
| Step 3 – Check the current configuration |
 |
| Step 4 – Ensure the network works without encryption |
 |
| Step 5 – Ensure ACLs are compatible with IPSec |
|
 |
| Configure a Router for IKE Using Pre-shared Keys |
|
 | |
| Step 1 – Enable or disable IKE |
 |
| Step 2 – Create IKE policies |
 |
| Step 3 – Configure pre-shared keys |
 |
| Step 4 – Verify the IKE configuration |
|
 |
| Configure a Router with IPSec Using Pre-shared Keys |
|
 | |
| Steps to configure IPSec |
 |
| Step 1 – Configure transform set suites |
 |
| Step 2 – Configure global IPSec SA lifetimes |
 |
| Step 3 – Create crypto ACLs |
 |
| Step 4 – Create crypto maps |
 |
| Step 5 – Apply crypto maps to interfaces |
|
 |
| Test and Verify the IPSec Configuration of the Router |
|
 | |
| Test and verify IPSec |
 |
| Display the configured ISAKMP policies |
 |
| Display the configured transform sets |
 |
| Display the current state of IPSec SAs |
 |
| Display the configured crypto maps |
 |
| Enable debug output for IPSec events |
 |
| Enable debug output for ISAKMP events |
 |
| Configure a VPN using SDM |
|
 |
| Configure a PIX Security Appliance Site-to-Site VPN using Pre-shared Keys |
|
 | |
| IPSec configuration tasks |
 |
| Task 1 – Prepare to configure VPN support |
 |
| Task 2 – Configure IKE parameters |
 |
| Task 3 – Configure IPSec parameters |
 |
| Task 4 – Test and verify the IPSec configuration |
|
 |