![background image](http://html1.mh-extra.com/html/patton-electronics/smartnode-series/smartnode-series_software-configuration-manual_4048643360.webp)
360
Chapter 32
VPN configuration
Chapter contents
Introduction
........................................................................................................................................................361
Authentication
..............................................................................................................................................361
Encryption
....................................................................................................................................................361
Transport and tunnel modes
.........................................................................................................................362
Permanent IKE Tunnels
..........................................................................................................................362
Key management
..........................................................................................................................................362
VPN configuration task list
.................................................................................................................................363
Creating an IPsec transformation profile
.......................................................................................................363
Creating an IPsec policy profile
.....................................................................................................................363
Creating/modifying an outgoing ACL profile for IPsec
.................................................................................365
Configuration of an IP interface and the IP router for IPsec
..........................................................................366
Displaying IPsec configuration information
..................................................................................................366
Debugging IPsec
...........................................................................................................................................367
Key management (IKE)
.......................................................................................................................................368
Main differences between manual & IKE IPSEC configurations
.............................................................368
Creating an ISAKMP transform profile
...................................................................................................369
Creating an ISAKMP IPSEC policy profile
.............................................................................................370
Creating/modifying an outgoing ACL profile for IPSEC
.........................................................................371
Configuration of an IP interface and the IP router for IPSEC
.................................................................371
Policy matching
......................................................................................................................................371
Sample configuration snippet
..................................................................................................................371
Troubleshooting
...........................................................................................................................................372
Encrypted Voice - Performance considerations
....................................................................................................373
Performance considerations
...........................................................................................................................373
Enabling RTP encryption support
.......................................................................................................................373
Using an alternate source IP address for specific destinations
...............................................................................374
Sample configurations
.........................................................................................................................................375
IPsec tunnel, DES encryption
.......................................................................................................................375
SmartNode configuration
........................................................................................................................375
Cisco router configuration
.......................................................................................................................376
IPsec tunnel, AES encryption at 256 bit key length, AH authentication with HMAC-SHA1-96
..................376
SmartNode configuration
........................................................................................................................376
Cisco router configuration
.......................................................................................................................376
IPsec tunnel, 3DES encryption at 192 bit key length, ESP authentication with HMAC-MD5-96
................377
SmartNode configuration
........................................................................................................................377
Cisco router configuration
.......................................................................................................................377