Important:
Define at least one ISAKMP policy.
Procedure
1. Enter crypto isakmp policy, followed by an index number from 1 to 20, to
enter the context of an ISAKMP policy list and to create the list if it does not exist.
For example:
Gxxx-001# crypto isakmp policy 1
Gxxx-001(config-isakmp:1)#
2. You can use the following commands to set the parameters of the ISAKMP policy:
• Use the description command to assign a description to the ISAKMP
policy.
• Use the authentication pre-share command to set the authentication
of ISAKMP policy to pre-shared secret.
• Use the encryption command to set the encryption algorithm for the
ISAKMP policy. Possible values are des (default), 3des, aes, aes-192 and
aes-256.
• Use the hash command to set the hash (authentication) algorithm for the
ISAKMP policy. Possible values are md5 and sha (default).
• Use the group command to set the Diffie-Hellman group for the ISAKMP
policy. Possible values are 1 (default), 2, 5 and 14.
• Use the lifetime command to set the lifetime of the ISAKMP SA, in seconds.
The range of values is 60 to 86,400 seconds (default is 86,400). For example:
Gxxx-001(config-isakmp:1)# description “lincroft ike”
Done!
Gxxx-001(config-isakmp:1)# authentication pre-share
Done!
Gxxx-001(config-isakmp:1)# encryption des
Done!
Gxxx-001(config-isakmp:1)# hash md5
Done!
Gxxx-001(config-isakmp:1)# group 1
Done!
Gxxx-001(config-isakmp:1)# lifetime 60000
Done!
3. Exit the ISAKMP policy context with the exit command.
For example:
Gxxx-001(config-isakmp:1)# exit
Gxxx-001#
IPSec VPN
Administering Avaya G430 Branch Gateway October 2013 487
To Next Page
Loading...
