Configuring Manual IPsec

You can manually configure your IPsec connection from the crypto-map configuration mode. When you manually configure the IPsec parameters, you manually input all the keys necessary to create the connection. This configuration removes the functionality that allows the peers to renegotiate and constantly change the connection parameters and greatly reduces the security of the connection. The commands for configuring manual IPsec are as follows:

set session-key inbound | outbound ah/esp spi hex-key-string set session-key inbound | outbound ah/esp spi authentication cipher hex-key-string

0 0

Post a comment