Internet Key Exchange (IKE) is a protocol based on ISAKMP/Oakley, which stands for Internet Security Association and Key Management Protocol (with Oakley distribution), and supports IPsec by providing a private, authenticated key management channel through which the peers can communicate and negotiate session keys for AH and ESP and to negotiate encryption, authentication, and compression algorithms for the session. IKE is used to perform authentication for IPsec peers, negotiation of IKE and IPsec SAs, and establishment of keys for the encryption algorithms used by IPsec. The terms IKE and ISAKMP are used interchangeably throughout this chapter.

To configure IPsec encryption on the Cisco router, you must complete four steps. Each task includes specific subtasks: Step 1.

Select the IKE and IPsec parameters .

Step 2.

Configure IKE .

Step 3.

Configure IPsec . Step 4.

Test and verify the IPsec configuration .

0 0

Post a comment