Implementing Internet Key Exchange Security Protocol on Cisco IOS XR Software
How to Implement IKE Security Protocol Configurations for IPSec Networks
SC-117
Cisco IOS XR System Security Configuration Guide for the Cisco CRS-1 Router
OL-20382-01
Configuring IKE Policies
This task configures IKE policies.
SUMMARY STEPS
1. configure
2. crypto isakmp policy priority
3. encryption {192-aes AES - Advanced Encryption Standard (192-bit keys) | 256-aes AES - Advanced
Encryption Standard (256-bit keys) | 3des 3DES - Three-key triple DES | aes AES - Advanced
Encryption Standard (128 bit keys) | des DES - Data Encryption Standard (56 bit keys)}
4. hash {sha | md5}
5. authentication {pre-share | rsa-sig | rsa-encr}
6. group {1 | 2 | 5}
7. lifetime seconds
8. end
or
commit
9. show crypto isakmp policy
Step 3
no crypto isakmp
Example:
RP/0/RP0/CPU0:router(config)# no crypto isakmp
(Optional) Disables IKE at the peer router.
Step 4
end
or
commit
Example:
RP/0/RP0/CPU0:router(config)# end
or
RP/0/RP0/CPU0:router(config)# commit
Saves configuration changes.
• When you issue the end command, the system prompts
you to commit changes:
Uncommitted changes found, commit them before
exiting (yes/no/cancel)?
[cancel]:
–
Entering yes saves configuration changes to the
running configuration file, exits the configuration
session, and returns the router to EXEC mode.
–
Entering no exits the configuration session and
returns the router to EXEC mode without
committing the configuration changes.
–
Entering cancel leaves the router in the current
configuration session without exiting or
committing the configuration changes.
• Use the commit command to save the configuration
changes to the running configuration file and remain
within the configuration session.
Command or Action Purpose
To Next Page
Loading...
Need help?
General
