Name: ELTEX ESR-3100
Brand: ELTEX
Rating: 5 (1 reviews)

To Next Page

To Previous Page

ESR series service routers.ESR-Series. User manual

206

To configure security zones rules, create ISAKMP port profile:

esr(config)# object-group service ISAKMP

esr(config-addr-set)# port-range 500

esr(config-addr-set)# exit

Create IKE protocol profile. Select Diffie-Hellman group 2, AES 128 bit encryption algorithm and MD5

authentication algorithm in the profile. The given security parameters are used for IKE connection

protection:

esr(config)# security ike proposal ike_prop1

esr(config-ike-proposal)# dh-group 2

esr(config-ike-proposal)# authentication algorithm md5

esr(config-ike-proposal)# encryption algorithm aes128

esr(config-ike-proposal)# exit

esr(config)#

Create IKE protocol policy. For the policy, specify the list of IKE protocol profiles that may be used for

node and authentication key negotiation:

esr(config)# security ike policy ike_pol1

esr(config-ike-policy)# pre-shared-key hexadecimal 123FFF

esr(config-ike-policy)# proposal ike_prop1

esr(config-ike-policy)# exit

Create IKE protocol gateway. For this profile, specify VTI tunnel, policy, protocol version and mode of

traffic redirection into the tunnel:

esr(config)# security ike gateway ike_gw1

esr(config-ike-gw)# ike-policy ike_pol1

esr(config-ike-gw)# remote address 198.51.100.1

esr(config-ike-gw)# remote network 10.0.0.0/16

esr(config-ike-gw)# local address 203.0.113.1

esr(config-ike-gw)# local network 192.0.2.0/24

esr(config-ike-gw)# mode policy-based

esr(config-ike-gw)# exit

Create security parameters profile for IPsec tunnel. For the profile, select Diffie-Hellman group 2, AES

128 bit encryption algorithm and MD5 authentication algorithm. Use the following parameters to secure

IPsec tunnel:

esr(config)# security ipsec proposal ipsec_prop1

esr(config-ipsec-proposal)# authentication algorithm md5

esr(config-ipsec-proposal)# encryption algorithm aes128

esr(config-ipsec-proposal)# exit

Create a policy for IPsec tunnel. For the policy, specify the list of IPsec tunnel profiles that may be used

for node negotiation:

esr(config)# security ipsec policy ipsec_pol1

esr(config-ipsec-policy)# proposal ipsec_prop1

esr(config-ipsec-policy)# exit

Brand

ELTEX

Model

ESR-3100

ELTEX ESR-3100 User Manual

Table of Contents

Questions and Answers:

ELTEX ESR-3100 Specifications

Related product manuals

Brand	ELTEX
Model	ESR-3100
Category	Network Router
Language	English