Differences between revisions 4 and 5

IPSEC

IPSEC encryption related links.

http://unixwiz.net/techtips/iguide-ipsec.html

Sample Cisco Config

!!# Phase One - isakmp #!!

crypto isakmp policy 10 
   hash sha 
   authentication pre-share 
   crypto isakmp key vpnkey address 10.0.0.2

!!# Phase Two - ipsec #!!

! crypto ipsec security-association lifetime seconds 28800
crypto ipsec transform-set vpnset esp-aes esp-sha-hmac 
   exit 
crypto map vpnset 10 ipsec-isakmp 
   set peer 10.0.0.2 
   set transform-set vpnset
   ! set pfs group2
   match address 100

!!#Apply to outside int #!!

int ??
    !ip address 10.0.0.1
    crypto map vpnset
access-list 100 permit ip 10.10.10.0 0.0.0.255 10.20.0.0 0.0.0.255
ip route 0.0.0.0 0.0.0.0 192.168.16.1

...

CategorySecurity

-  ⇤ ← Revision 4 as of 2014-07-01 19:48:09 → 
  Size: 789
  Editor: PieterSmit
  Comment: fix code blocks.
+   ← Revision 5 as of 2014-07-01 19:52:49 → ⇥
  Size: 905
  Editor: PieterSmit
  Comment: Add cross device Cisco settings as optional.
-Deletions are marked like this.
+Additions are marked like this.
 Line 10:
+!!# Phase One - isakmp #!!
-Line 16:
+Line 17:
-!!# Phase Two #!!
+!!# Phase Two - ipsec #!!
-Line 18:
+Line 19:
+! crypto ipsec security-association lifetime seconds 28800
-Line 22:
+Line 24:
-   set transform-set vpnset
+   set transform-set vpnset
   ! set pfs group2