• IpSec

IPSEC

IPSEC encryption related links.

• http://unixwiz.net/techtips/iguide-ipsec.html

Sample Cisco Config

!!# Phase One - isakmp #!!

crypto isakmp policy 10 
   hash sha 
   authentication pre-share 
   crypto isakmp key vpnkey address 10.0.0.2

!!# Phase Two - ipsec #!!

! crypto ipsec security-association lifetime seconds 28800
crypto ipsec transform-set vpnset esp-aes esp-sha-hmac 
   exit 
crypto map vpnset 10 ipsec-isakmp 
   set peer 10.0.0.2 
   set transform-set vpnset
   ! set pfs group2
   match address 100

!!#Apply to outside int #!!

int ??
    !ip address 10.0.0.1
    crypto map vpnset
access-list 100 permit ip 10.10.10.0 0.0.0.255 10.20.0.0 0.0.0.255
ip route 0.0.0.0 0.0.0.0 192.168.16.1

...

CategorySecurity