© 2006 Cisco Systems, Inc. All rights reserved. Network Security 2 Module 4: Configuring Site to...
-
Upload
adrian-mcintosh -
Category
Documents
-
view
218 -
download
0
Transcript of © 2006 Cisco Systems, Inc. All rights reserved. Network Security 2 Module 4: Configuring Site to...
![Page 1: © 2006 Cisco Systems, Inc. All rights reserved. Network Security 2 Module 4: Configuring Site to Site VPN with Pre-shared keys.](https://reader035.fdocuments.net/reader035/viewer/2022062618/55145c8d550346b0158b46b8/html5/thumbnails/1.jpg)
© 2006 Cisco Systems, Inc. All rights reserved.
Network Security 2
Module 4: Configuring Site to Site VPN with Pre-shared keys
![Page 2: © 2006 Cisco Systems, Inc. All rights reserved. Network Security 2 Module 4: Configuring Site to Site VPN with Pre-shared keys.](https://reader035.fdocuments.net/reader035/viewer/2022062618/55145c8d550346b0158b46b8/html5/thumbnails/2.jpg)
© 2006 Cisco Systems, Inc. All rights reserved.
Lesson 4.3 Configure a Router with IPSec Using Pre-shared Keys
Module 4: Configuring Site to Site VPN with Pre-shared keys
![Page 3: © 2006 Cisco Systems, Inc. All rights reserved. Network Security 2 Module 4: Configuring Site to Site VPN with Pre-shared keys.](https://reader035.fdocuments.net/reader035/viewer/2022062618/55145c8d550346b0158b46b8/html5/thumbnails/3.jpg)
© 2006 Cisco Systems, Inc. All rights reserved.
Configuring IPsec Step 1: Configure transform sets.
Step 2: Configure global IPsec SA lifetimes.
Step 3: Configure crypto ACLs
Step 4: Configure crypto maps
Step 5: Apply the crypto maps to the terminating / originating interface
![Page 4: © 2006 Cisco Systems, Inc. All rights reserved. Network Security 2 Module 4: Configuring Site to Site VPN with Pre-shared keys.](https://reader035.fdocuments.net/reader035/viewer/2022062618/55145c8d550346b0158b46b8/html5/thumbnails/4.jpg)
© 2006 Cisco Systems, Inc. All rights reserved.
![Page 5: © 2006 Cisco Systems, Inc. All rights reserved. Network Security 2 Module 4: Configuring Site to Site VPN with Pre-shared keys.](https://reader035.fdocuments.net/reader035/viewer/2022062618/55145c8d550346b0158b46b8/html5/thumbnails/5.jpg)
© 2006 Cisco Systems, Inc. All rights reserved.
Step 2 – Create IKE policies
![Page 6: © 2006 Cisco Systems, Inc. All rights reserved. Network Security 2 Module 4: Configuring Site to Site VPN with Pre-shared keys.](https://reader035.fdocuments.net/reader035/viewer/2022062618/55145c8d550346b0158b46b8/html5/thumbnails/6.jpg)
© 2006 Cisco Systems, Inc. All rights reserved.
![Page 7: © 2006 Cisco Systems, Inc. All rights reserved. Network Security 2 Module 4: Configuring Site to Site VPN with Pre-shared keys.](https://reader035.fdocuments.net/reader035/viewer/2022062618/55145c8d550346b0158b46b8/html5/thumbnails/7.jpg)
© 2006 Cisco Systems, Inc. All rights reserved.
![Page 8: © 2006 Cisco Systems, Inc. All rights reserved. Network Security 2 Module 4: Configuring Site to Site VPN with Pre-shared keys.](https://reader035.fdocuments.net/reader035/viewer/2022062618/55145c8d550346b0158b46b8/html5/thumbnails/8.jpg)
© 2006 Cisco Systems, Inc. All rights reserved.
Step 3: Purpose of Crypto ACLs
The peer that initiates the negotiation sends all its policies to the remote peer, and the remote peer tries to find a match with its policies
![Page 9: © 2006 Cisco Systems, Inc. All rights reserved. Network Security 2 Module 4: Configuring Site to Site VPN with Pre-shared keys.](https://reader035.fdocuments.net/reader035/viewer/2022062618/55145c8d550346b0158b46b8/html5/thumbnails/9.jpg)
© 2006 Cisco Systems, Inc. All rights reserved.
ISAKMP Identity
![Page 10: © 2006 Cisco Systems, Inc. All rights reserved. Network Security 2 Module 4: Configuring Site to Site VPN with Pre-shared keys.](https://reader035.fdocuments.net/reader035/viewer/2022062618/55145c8d550346b0158b46b8/html5/thumbnails/10.jpg)
© 2006 Cisco Systems, Inc. All rights reserved.
Step 3 – Configure pre-shared keys
![Page 11: © 2006 Cisco Systems, Inc. All rights reserved. Network Security 2 Module 4: Configuring Site to Site VPN with Pre-shared keys.](https://reader035.fdocuments.net/reader035/viewer/2022062618/55145c8d550346b0158b46b8/html5/thumbnails/11.jpg)
© 2006 Cisco Systems, Inc. All rights reserved.
Step 4 – Purpose of Crypto Maps
![Page 12: © 2006 Cisco Systems, Inc. All rights reserved. Network Security 2 Module 4: Configuring Site to Site VPN with Pre-shared keys.](https://reader035.fdocuments.net/reader035/viewer/2022062618/55145c8d550346b0158b46b8/html5/thumbnails/12.jpg)
© 2006 Cisco Systems, Inc. All rights reserved.
![Page 13: © 2006 Cisco Systems, Inc. All rights reserved. Network Security 2 Module 4: Configuring Site to Site VPN with Pre-shared keys.](https://reader035.fdocuments.net/reader035/viewer/2022062618/55145c8d550346b0158b46b8/html5/thumbnails/13.jpg)
© 2006 Cisco Systems, Inc. All rights reserved.
![Page 14: © 2006 Cisco Systems, Inc. All rights reserved. Network Security 2 Module 4: Configuring Site to Site VPN with Pre-shared keys.](https://reader035.fdocuments.net/reader035/viewer/2022062618/55145c8d550346b0158b46b8/html5/thumbnails/14.jpg)
© 2006 Cisco Systems, Inc. All rights reserved.
Step 5: Applying Crypto Maps to Interfaces
![Page 15: © 2006 Cisco Systems, Inc. All rights reserved. Network Security 2 Module 4: Configuring Site to Site VPN with Pre-shared keys.](https://reader035.fdocuments.net/reader035/viewer/2022062618/55145c8d550346b0158b46b8/html5/thumbnails/15.jpg)
© 2006 Cisco Systems, Inc. All rights reserved.
![Page 16: © 2006 Cisco Systems, Inc. All rights reserved. Network Security 2 Module 4: Configuring Site to Site VPN with Pre-shared keys.](https://reader035.fdocuments.net/reader035/viewer/2022062618/55145c8d550346b0158b46b8/html5/thumbnails/16.jpg)
© 2006 Cisco Systems, Inc. All rights reserved.
Q and A
![Page 17: © 2006 Cisco Systems, Inc. All rights reserved. Network Security 2 Module 4: Configuring Site to Site VPN with Pre-shared keys.](https://reader035.fdocuments.net/reader035/viewer/2022062618/55145c8d550346b0158b46b8/html5/thumbnails/17.jpg)
© 2006 Cisco Systems, Inc. All rights reserved.