Example 2011 Configuring IPsec Parameters

NewYork#configure terminal

NewYork (config)#crypto ipsec transform-set 20 esp-256-aes esp-sha-hmac

NewYork (cfg-crypto-trans)#exit

NewYork (config)#crypto ipsec security-association lifetime seconds 3600

NewYork (config)#access-list 105 permit ip 10.10.1.0 0.0.0.255 10.10.3.0 0.0.0.255

NewYork(config)#crypto map SanFran 120 ipsec-isakmp

NewYork(config-crypto-map)#match address 105 NewYork(config-crypto-map)#set peer 192.168.3.1 NewYork(config-crypto-map)#set pfs group 5 NewYork(config-crypto-map)#set transform-set 20

NewYork(config-crypto-map)#set security-association lifetime seconds 86400

NewYork(config-crypto-map)#interface Fa0/1 NewYork(config-if)#crypto map SanFran

0 0

Post a comment