Beruflich Dokumente
Kultur Dokumente
Command
crypto isakmp policy 1
encr 3des
hash sha
authentication pre-share
group 2
interface [External-Interface]
crypto map VPN-Map-1
Purpose
This creates a new isakmp policy, the number here usually doesn't matter
Sets encryption to triple-DES
Sets hash algorithm to SHA-1
Sets authentication type to a pre-shared key between IPSEC peers
Sets policy to use Diffie-Hellman group 2 type (768 bit key)
This defines a list of common preset algorithms. The preset name is the word right
after "transform-set". Most of the newer IOS software images will support compression
and AES encryption. Older ones will only support 3DES encryption. Some of the
images will only support DES.
Creates an access list that defines what goes into the tunnel
You can create multiple lists of source, destination, and services
Creates an IPSEC map. You can have multiple tunnels per interface by incrementing
the "10" on the next map with the same name "VPN-Map-1".
Defines the IP address of the remote peer
Sets the algorithm preset we defined above
Enables perfect forwarding secret
Defines the access list we created earlier of what goes into the tunnel
Command
crypto isakmp policy 1
encr 3des
hash sha
authentication pre-share
group 2
interface Serial0/0/0
crypto map VPN-Map-1
Purpose
This creates a new isakmp policy, the number here usually doesn't matter
Sets encryption to triple-DES
Sets hash algorithm to SHA-1
Sets authentication type to a pre-shared key between IPSEC peers
Sets policy to use Diffie-Hellman group 2 type (768 bit key)
This defines a list of common preset algorithms. The preset name is the word right
after "transform-set". Most of the newer IOS software images will support compression
and AES encryption. Older ones will only support 3DES encryption. Some of the imag
Creates an access list that defines what goes into the tunnel
You can create multiple lists of source, destination, and services
Creates an IPSEC map. You can have multiple tunnels per interface by incrementing
the "10" on the next map with the same name "VPN-Map-1".
Defines the IP address of the remote peer
Sets the algorithm preset we defined above
Enables perfect forwarding secret
Defines the access list we created earlier of what goes into the tunnel
Command
crypto isakmp policy 1
encr 3des
hash sha
authentication pre-share
group 2
interface Serial0/0/0
crypto map VPN-Map-1
Purpose
This creates a new isakmp policy, the number here usually doesn't matter
Sets encryption to triple-DES
Sets hash algorithm to SHA-1
Sets authentication type to a pre-shared key between IPSEC peers
Sets policy to use Diffie-Hellman group 2 type (768 bit key)
This defines a list of common preset algorithms. The preset name is the word right
after "transform-set". Most of the newer IOS software images will support compression
and AES encryption. Older ones will only support 3DES encryption. Some of the imag
Creates an access list that defines what goes into the tunnel
You can create multiple lists of source, destination, and services
Creates an IPSEC map. You can have multiple tunnels per interface by incrementing
the "10" on the next map with the same name "VPN-Map-1".
Defines the IP address of the remote peer
Sets the algorithm preset we defined above
Enables perfect forwarding secret
Defines the access list we created earlier of what goes into the tunnel