Configure a PIX Security Appliance Site-to-Site VPN using Pre-shared Keys
IPSec configuration tasks

The rest of this module discusses the configuration of an IPSec-based VPN between two PIX Security Appliances operating as secure gateways using pre-shared keys for authentication. The four overall tasks used to configure IPSec encryption on the PIX are summarized below. Subsequent topics of this lesson discuss each configuration task in greater detail. The following are the four tasks :

  • Task 1 – Prepare to configure VPN support. This task consists of several steps that determine IPSec policies, ensure that the network works, and ensure that the PIX Security Appliance can support IPSec.
  • Task 2 – Configure IKE parameters. This task consists of several configuration steps that ensure that IKE can set up secure channels to desired IPSec peers during IKE Phase 1.
  • Task 3 – Configure IPSec parameters. This task consists of several configuration steps that specify IPSec SA parameters between peers, and set global IPSec values. IKE negotiates SA parameters and sets up IPSec SAs during IKE Phase 2.
  • Task 4 – Test and verify VPN configuration. After IPSec is configured, it is necessary to verify that it has been configured correctly and ensure that it works.

Web Links