Name: Cisco 2911
Brand: Cisco
Rating: 5 (1 reviews)

To Next Page

To Previous Page

135

Cisco 3900 Series, Cisco 2900 Series, and Cisco 1900 Series Integrated Services Routers Generation 2 Software Configuration Guide

Chapter Configuring Security Features

Configuring VPN

Configure the IKE Policy

To configure the Internet Key Exchange (IKE) policy, follow these steps, beginning in global

configuration mode.

SUMMARY STEPS

1. crypto isakmp policy priority

2. encryption {des | 3des | aes | aes 192 | aes 256}

3. hash {md5 | sha}

4. authentication {rsa-sig | rsa-encr | pre-share}

5. group {1 | 2 | 5}

6. lifetime seconds

7. exit

DETAILED STEPS

Command or Action Purpose

Step 1

crypto isakmp policy priority

Example:

Router(config)# crypto isakmp policy 1

Router(config-isakmp)#

Creates an IKE policy that is used during IKE

negotiation. The priority is a number from 1 to

10000, with 1 being the highest.

Also enters the ISAKMP

policy configuration

mode.

Step 2

encryption {des | 3des | aes | aes 192 | aes 256}

Example:

Router(config-isakmp)# encryption 3des

Router(config-isakmp)#

Specifies the encryption algorithm used in the IKE

policy.

The example specifies 168-bit DES

Step 3

hash {md5 | sha}

Example:

Router(config-isakmp)# hash md5

Router(config-isakmp)#

Specifies the hash algorithm used in the IKE

policy.

The example specifies the MD5

algorithm. The

default is SHA-1

Step 4

authentication {rsa-sig | rsa-encr | pre-share}

Example:

Router(config-isakmp)# authentication

pre-share

Router(config-isakmp)#

Specifies the authentication method used in the

IKE policy.

The example specifies a pre-shared key.

Step 5

group {1 | 2 | 5}

Example:

Router(config-isakmp)# group 2

Router(config-isakmp)#

Specifies the Diffie-Hellman group to be used in

an IKE policy.

Other manuals for Cisco 2911

Manual10 pages

Questions and Answers:

Need help?

Do you have a question about the Cisco 2911 and is the answer not in the manual?

Cisco 2911 Specifications

General

Ethernet LAN	Yes
Cabling technology	10/100/1000Base-T(X)
Networking standards	IEEE 802.1Q, IEEE 802.1ag, IEEE 802.3, IEEE 802.3ab, IEEE 802.3af, IEEE 802.3ah, IEEE 802.3u
Ethernet LAN data rates	10, 100, 1000 Mbit/s
Ethernet interface type	Gigabit Ethernet
DHCP client	-
Routing protocols	BGP, EIGRP, OSPF
Supported protocols	IPv4, IPv6, IS-IS, IGMPv3, PIM SM, SSM, DVMRP, IPSec, GRE, BVD, MPLS, L2TPv3, PPP, MLPPP, MLFR, HDLC, RS-232, RS-449, X.21, V.35, EIA-530, PPPoE, ATM
USB version	2.0
RS-232 ports	1
Expansion slots	4 x EHWIC 2 x DSP 1 x ISM
USB ports quantity	2
Ethernet LAN (RJ-45) ports	3
Firewall security	Cisco IOS
Input current	2.2 A
AC input voltage	100 - 240 V
Power source type	AC
AC input frequency	47 - 63 Hz
Power consumption (typical)	50 W
Product color	Black
Rack capacity	2U
Operating altitude	0 - 4000 m
Non-operating altitude	0 - 4570 m
Storage temperature (T-T)	-40 - 80 °C
Operating temperature (T-T)	0 - 40 °C
Storage relative humidity (H-H)	5 - 95 %
Operating relative humidity (H-H)	5 - 85 %
Safety	UL 60950-1, CAN/CSA C22.2 No. 60950-1, EN 60950-1, AS/NZS 60950-1, IEC 60950-1
Electromagnetic compatibility	47 CFR, ICES-003, EN55022, CISPR22, AS/NZS 3548, VCCI V-3, EN 300-386, EN 61000, EN 55024, CISPR 24EN50082-1