Implementing Internet Key Exchange Security Protocol on Cisco IOS XR Software
How to Implement IKE Security Protocol Configurations for IPSec Networks
SC-37
Cisco IOS XR System Security Configuration Guide
11. max-logins number-of-logins
12. max-users number-of-users
13. netmask mask
14. pfs
15. pool name
16. save-password
17. split-dns domain-name
18. wins primary-server [secondary-server]
19. end
or
commit
DETAILED STEPS
Command or Action Purpose
Step 1
configure
Example:
RP/0/RP0/CPU0:router# configure
Enters global configuration mode.
Step 2
crypto isakmp client configuration group
group-name
Example:
RP/0/RP0/CPU0:router(config)# crypto isakmp
client configuration group cisco
Specifies which group's policy profile is defined and enters
ISAKMP group configuration mode.
• If no specific group matches and a default group is
defined, users are automatically given the default
group's policy.
Step 3
key
preshared-key
Example:
RP/0/RP0/CPU0:router(config-group)# key
samplekey
Specifies the IKE preshared key for group policy attribute
definition.
Note This command must be enabled if the client
identifies itself with a preshared key.
Step 4
acl
acl-name
Example:
RP/0/RP0/CPU0:router(config-group)# acl group1
(Optional) Configures split tunneling.
• Use the acl-name argument to specify a group of ACL
rules that represent protected subnets for split tunneling
purposes.
Step 5
backup-server {ip-address | hostname}
Example:
RP/0/RP0/CPU0:router(config-group)#
backup-server 10.1.1.1
Specifies the backup server.
• Use the ip-address argument to specify the IP address
of the server.
• Use the hostname argument to specify the hostname of
the server.
To Next Page
Loading...
