136
Cisco 3900 Series, Cisco 2900 Series, and Cisco 1900 Series Integrated Services Routers Generation 2 Software Configuration Guide
Chapter Configuring Security Features
Configuring VPN
Configure Group Policy Information
To configure the group policy, follow these steps, beginning in global configuration mode.
SUMMARY STEPS
1. crypto isakmp client configuration group {group-name | default}
2. key name
3. dns primary-server
4. domain name
5. exit
6. ip local pool {default | poolname} [low-ip-address [high-ip-address]]
DETAILED STEPS
Step 6
lifetime seconds
Example:
Router(config-isakmp)# lifetime 480
Router(config-isakmp)#
Specifies the lifetime, from 60 to 86400 seconds,
for an IKE SA
5
.
Step 7
exit
Example:
Router(config-isakmp)# exit
Router(config)#
Exits IKE policy configuration mode and enters
global configuration mode.
1. ISAKMP = Internet Security Association Key and Management Protocol
2. DES = data encryption standard
3. MD5 = Message Digest 5
4. SHA-1 = Secure Hash standard
5. SA = security association
Command or Action Purpose
Command or Action Purpose
Step 1
crypto isakmp client configuration group
{group-name | default}
Example:
Router(config)# crypto isakmp client
configuration group rtr-remote
Router(config-isakmp-group)#
Creates an IKE policy group containing attributes
to be downloaded to the remote client.
Also enters the ISAKMP group policy
configuration mode.
Step 2
key name
Example:
Router(config-isakmp-group)# key
secret-password
Router(config-isakmp-group)#
Specifies the IKE pre-shared key for the group
policy.
To Next Page
Loading...
Need help?
General
Weight and Dimensions
