Implementing Internet Key Exchange Security Protocol on Cisco IOS XR Software
How to Implement IKE Security Protocol Configurations for IPSec Networks
SC-35
Cisco IOS XR System Security Configuration Guide
DETAILED STEPS
Command or Action Purpose
Step 1
configure
Example:
RP/0/RP0/CPU0:router# configure
Enters global configuration mode.
Step 2
crypto isakmp policy
priority
Example:
RP/0/RP0/CPU0:router(config)# crypto isakmp
policy 5
Identifies the policy to create.
• Each policy is uniquely identified by the priority
number you assign.
• This command places the router in ISAKMP policy
configuration mode.
Step 3
encryption {des | 3des | aes | aes 192 | aes
256}
Example:
RP/0/RP0/CPU0:router(config-isakmp)# encryption
aes
Specifies the encryption algorithm.
Step 4
hash {sha | md5}
Example:
RP/0/RP0/CPU0:router(config-isakmp)# hash md5
Specifies the hash algorithm.
Step 5
authentication {pre-share | rsa-sig | rsa-encr}
Example:
RP/0/RP0/CPU0:router(config-isakmp)#
authentication rsa-sig
Specifies the authentication method.
Step 6
group {1 | 2 | 5}
Example:
RP/0/RP0/CPU0:router(config-isakmp)# group 5
Specifies the Diffie-Hellman group identifier.
Step 7
lifetime
seconds
Example:
RP/0/RP0/CPU0:router(config-isakmp)# lifetime
50000
Specifies the lifetime of the security association. The range,
in seconds, is from 60 to 86400.
To Next Page
Loading...
