Implementing Internet Key Exchange Security Protocol on Cisco IOS XR Software
Configuration Examples for Implementing IKE Security Protocol
Cisco IOS XR System Security Configuration Guide for the Cisco CRS-1 Router
OL-20382-01
RP/0/RP0/CPU0:router(config-isakmp)# encryption des << restricts use to DES only
RP/0/RP0/CPU0:router(config-isakmp)# group 2
RP/0/RP0/CPU0:router(config-isakmp)# authentication pre-share
RP/0/RP0/CPU0:router(config)# crypto isakmp policy 20
RP/0/RP0/CPU0:router(config-isakmp)# encryption aes << restricts use to AES only
RP/0/RP0/CPU0:router(config-isakmp)# group 2
RP/0/RP0/CPU0:router(config-isakmp)# authentication pre-share
RP/0/RP0/CPU0:router(config)# crypto isakmp policy-set policy_1 << match ID
RP/0/RP0/CPU0:router(config-isakmp-pol-set)# policy 10 << routing priority
RP/0/RP0/CPU0:router(config-isakmp-pol-set)# match identity local-address 1.1.1.1
RP/0/RP0/CPU0:router(config)# crypto isakmp policy-set policy_2 << match ID
RP/0/RP0/CPU0:router(config-isakmp-pol-set)# policy 20
RP/0/RP0/CPU0:router(config-isakmp-pol-set)# match identity local-address 2.2.2.2
RP/0/RP0/CPU0:router(config-isakmp-pol-set)# commit
RP/0/RP0/CPU0:router(config-isakmp-pol-set)# exit
RP/0/RP0/CPU0:router(config-isakmp)#
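The policy-set commands above decide which IKE policy is offered on each local address, so a weak transform in one policy is exposed only where that policy is bound. The following audit sketch is an added example, not part of the Cisco guide: it parses the policy and policy-set commands shown above and reports weak settings together with the local addresses they apply to. The function names, the weakness thresholds, and the `crypto isakmp policy 10` header in the sample are assumptions.

```python
import re

# Constructed sample: the session above in running-config form. The
# "crypto isakmp policy 10" header is assumed (the capture starts after it).
SAMPLE = """\
crypto isakmp policy 10
 encryption des
 group 2
 authentication pre-share
crypto isakmp policy 20
 encryption aes
 group 2
 authentication pre-share
crypto isakmp policy-set policy_1
 policy 10
 match identity local-address 1.1.1.1
crypto isakmp policy-set policy_2
 policy 20
 match identity local-address 2.2.2.2
"""
# Auditor's thresholds (assumption): single DES and the 768/1024-bit MODP groups.
WEAK = {"encryption": {"des"}, "group": {"1", "2"}}

def parse(config):
    """Return (policies, policy_sets); CLI prompts and '<<' annotations are ignored."""
    policies, sets, pol, pset = {}, {}, None, None
    for raw in config.splitlines():
        line = re.sub(r"^\S+#\s*", "", raw.split("<<")[0].strip())
        if m := re.fullmatch(r"crypto isakmp policy (\d+)", line):
            pol, pset = policies.setdefault(m[1], {}), None
        elif m := re.fullmatch(r"crypto isakmp policy-set (\S+)", line):
            pol, pset = None, sets.setdefault(m[1], {"policy": [], "local-address": []})
        elif line == "!" or line.startswith("crypto "):
            pol = pset = None  # any other block ends the current one
        elif pol is not None and (m := re.fullmatch(r"(encryption|group) (\S+)", line)):
            pol[m[1]] = m[2]
        elif pset is not None and (m := re.fullmatch(r"(policy|match identity local-address) (\S+)", line)):
            pset[m[1].split()[-1]].append(m[2])
    return policies, sets

def audit(config):
    """Return [(policy_id, keyword, value, bound_local_addresses)] for each weak setting."""
    policies, sets = parse(config)
    findings = []
    for pid, params in policies.items():
        addrs = sorted(a for s in sets.values() if pid in s["policy"] for a in s["local-address"])
        findings += [(pid, k, v, addrs) for k, v in params.items() if v in WEAK.get(k, ())]
    return findings
```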
Configuring Cisco Easy VPN with a Local AAA-Method Server: Example
The following example shows how to configure Cisco Easy VPN with a local AAA-method server:
aaa authorization network author-net-local local
aaa authentication login authen-net-local local
local pool
ipv4 pool-1 20.20.20.4 20.20.20.255
!
ipv4 access-list acl-3
 10 permit ipv4 any any
!
interface MgmtEth0/0/CPU0/0
 ipv4 address 3.1.73.1 255.255.0.0
!
interface GigabitEthernet0/1/0/1
 ipv4 address 2.0.0.1 255.0.0.0
 negotiation auto
!
interface service-ipsec3
 ipv4 address 30.3.3.3 255.255.0.0
 profile ipsec-prof-ezvpn
 tunnel source 10.20.100.3
 service-location preferred-active 0/2/0
!
crypto isakmp client configuration group group-a
 key group-a-key
 pool pool-1
!
crypto isakmp
crypto isakmp policy 30
 authentication pre-share
 group 2
 encryption aes
 lifetime 180
!
crypto isakmp profile isakmp-prof3
 client authentication list authen-net-local
 match identity group group-a
 set interface service-ipsec3