Step Description Command Keys
22 Set recipient’s subnet IP address as
well as IP and port.
esr(config-ike-gw)# remote
network <ADDR/LEN>
[ protocol { <TYPE> | <ID> } [ port
<PORT> ] ]
<ADDR/LEN> – subnet IP
address and mask of a sender.
The parameter is defined as
AAA.BBB.CCC.DDD/EE where
each part AAA-DDD takes
values of [0..255] and EE takes
values of [1..32].
<TYPE> – protocol type, takes
the following values: esp, icmp,
ah, eigrp, ospf, igmp, ipip, tcp,
pim, udp, vrrp, rdp, l2tp, gre;
<ID> – IP identification number,
takes values of [0x00-0xFF];
<PORT> – TCP/UDP port, takes
values of [1..65535].
23 Create IPsec profile. esr(config)# security ipsec
proposal <NAME>
<NAME> – IPsec protocol
profile name, set by the string
of up to 31 characters.
24 Specify IPsec authentication algorithm. esr(config-ipsec-proposal)#
authentication algorithm
<ALGORITHM>
<ALGORITHM> –
authentication algorithm, takes
values of: md5, sha1, sha2-256,
sha2‑384, sha2-512.
26 Specify IPsec encryption algorithm. esr(config-ipsec-proposal)#
encryption algorithm
<ALGORITHM>
<ALGORITHM> – encryption
protocol, takes the following
values: des, 3des, blowfish128,
blowfish192, blowfish256,
aes128, aes192, aes256,
aes128ctr, aes192ctr,
aes256ctr, camellia128,
camellia192, camellia256.
26 Specify protocol (optionally). esr(config-ipsec-
proposal)#protocol <PROTOCOL>
<PROTOCOL> – encapsulation
protocol, takes the following
values:
27 Create an IPsec profile policy and
switch to its configuration mode.
esr(config)# security ipsec policy
<NAME>
<NAME> – IPsec policy name,
set by the string of up to 31
characters.
28 Bind the policy to profile. esr(config-ipsec-policy)# proposal
<NAME>
<NAME> – IPsec protocol
profile name, set by the string
of up to 31 characters.
To Next Page
Loading...
Need help?
General
