Name: Cisco 3925
Brand: Cisco
Rating: 5 (1 reviews)

To Next Page

To Previous Page

135

Cisco 3900 Series, Cisco 2900 Series, and Cisco 1900 Series Integrated Services Routers Generation 2 Software Configuration Guide

Chapter Configuring Security Features

Configuring VPN

Configure the IKE Policy

To configure the Internet Key Exchange (IKE) policy, follow these steps, beginning in global

configuration mode.

SUMMARY STEPS

1. crypto isakmp policy priority

2. encryption {des | 3des | aes | aes 192 | aes 256}

3. hash {md5 | sha}

4. authentication {rsa-sig | rsa-encr | pre-share}

5. group {1 | 2 | 5}

6. lifetime seconds

7. exit

DETAILED STEPS

Command or Action Purpose

Step 1

crypto isakmp policy priority

Example:

Router(config)# crypto isakmp policy 1

Router(config-isakmp)#

Creates an IKE policy that is used during IKE

negotiation. The priority is a number from 1 to

10000, with 1 being the highest.

Also enters the ISAKMP

policy configuration

mode.

Step 2

encryption {des | 3des | aes | aes 192 | aes 256}

Example:

Router(config-isakmp)# encryption 3des

Router(config-isakmp)#

Specifies the encryption algorithm used in the IKE

policy.

The example specifies 168-bit DES

Step 3

hash {md5 | sha}

Example:

Router(config-isakmp)# hash md5

Router(config-isakmp)#

Specifies the hash algorithm used in the IKE

policy.

The example specifies the MD5

algorithm. The

default is SHA-1

Step 4

authentication {rsa-sig | rsa-encr | pre-share}

Example:

Router(config-isakmp)# authentication

pre-share

Router(config-isakmp)#

Specifies the authentication method used in the

IKE policy.

The example specifies a pre-shared key.

Step 5

group {1 | 2 | 5}

Example:

Router(config-isakmp)# group 2

Router(config-isakmp)#

Specifies the Diffie-Hellman group to be used in

an IKE policy.

Questions and Answers:

Need help?

Do you have a question about the Cisco 3925 and is the answer not in the manual?

Cisco 3925 Specifications

General

Product Type	Router
Form Factor	Rack-mountable
Data Link Protocol	Ethernet, Fast Ethernet, Gigabit Ethernet
Connectivity Technology	Wired
Power	AC 120/230 V (50/60 Hz)
Redundant Power Supply	Optional
Routing Protocol	OSPF, IS-IS, BGP, EIGRP, PIM
Network/Transport Protocol	IPSec
Remote Management Protocol	SNMP, Telnet, SSH, HTTP
Encryption Algorithm	DES, Triple DES, AES
Flash Memory	256 MB
Weight	11.5 kg
Interfaces	2 x SFP (mini-GBIC)
Power Source	Internal power supply
Authentication Method	RADIUS, TACACS+, LDAP
Compliant Standards	IEEE 802.1Q, IEEE 802.3af
Operating Temperature	0 to 40 °C
Operating Humidity	5% to 85% (non-condensing)
Dimensions (WxDxH)	44.5 x 47.2 x 8.9 cm