Security Features
June 2004
© 2004 Foundry Networks, Inc.
15 - 27
Step16: Repeat steps 1 -15 with suitable modifications on Router2 prior to passing bi-
directional traffic.
Step 17: Test the IPSec tunnel between Router1 and Router2 by passing traffic from the 10.0.1.0
network to the 10.0.2.0 network.
Step 18: After traffic is passed through the tunnel, display the IKE and IPSec SA tables.
Router1# show crypto ike sa all
Policy Peer State Bytes Transform
------ ---- ----- ----- ---------
Router2 172.16.0.2 SA_MATURE 1796 pre-g1-3des-sha1
Router1# show crypto ike sa all detail
Crypto Policy name: Router2
Remote ident 172.16.0.2
Peer Address is 172.16.0.2
Transform: 3des, sha1, pre-shared-key
DH Group: group1
Bytes Processed 1796
State is SA_MATURE
Mode is Main
Remaining Time in Sec: 86380
Life Time in Sec: 86400, Life Time in Bytes is unlimited
Router1# show crypto ipsec sa all
Policy Dest IP Spi Bytes Transform
------ ------- --- ----- ---------
INRouter2 172.16.0.1 0x8eabe4b3 256 esp-aes-sha1-tunl
Router2 172.16.0.2 0xa9a506f9 256 esp-aes-sha1-tunl
Summary of Contents for AR1202
Page 15: ...Foundry AR Series Router User Guide 1 6 2004 Foundry Networks Inc June 2004...
Page 23: ...Foundry AR Series Router User Guide 2 8 2004 Foundry Networks Inc June 2004...
Page 45: ...Foundry AR Series Router User Guide 3 22 2004 Foundry Networks Inc June 2004...
Page 111: ...Foundry AR Series Router User Guide 8 18 2004 Foundry Networks Inc June 2004...
Page 153: ...Foundry AR Series Router User Guide 9 42 2004 Foundry Networks Inc June 2004...
Page 181: ...Foundry AR Series Router User Guide 10 28 2004 Foundry Networks Inc June 2004...
Page 215: ...Foundry AR Series Router User Guide 12 10 2004 Foundry Networks Inc June 2004...
Page 291: ...Foundry AR Series Router User Guide 15 66 2004 Foundry Networks Inc June 2004...
Page 293: ...Foundry AR Series Router User Guide Index 2 2004 Foundry Networks Inc June 2004...