Configure the Preshared

The preshared key is the method used by each peer to authenticate each other. The preshared keys must match exactly on both peers. The configuration command includes the key and the address/identity of the peer:

Miami#configure terminal

Miami(config)#crypto isakmp key abc123 address 192.168.1.1 255.255.255.255

The best way to troubleshoot a connection is to ensure that your configuration settings are correct in the first place. Because of the complexity required for VPN connections and the requirement that both peer configurations must match it is always a good idea to verify the configuration. If possible, it is best to compare the configurations from both peers at the same time. To verify the IKE policy configuration, use the show crypto isakmp policy command:

[View full width] Miami#show crypto isakmp Global IKE policy

Protection suite of priority 100

encryption algorithm: AES - Advanced Encryption Standard (256 bit keys).

0 0

Post a comment