Sample configurations
377
SmartWare Software Configuration Guide
32 • VPN configuration
set session-key inbound esp 6666 cipher
FEDCBA0987654321FEDCBA0987654321FEDCBA0987654321FEDCBA0987654321
set session-key outbound esp 5555 cipher
1234567890ABCDEF1234567890ABCDEF1234567890ABCDEF1234567890ABCDEF
set session-key inbound ah 4444 FEDCBA0987654321FEDCBA0987654321FEDCBA09
set session-key outbound ah 3333 1234567890ABCDEF1234567890ABCDEF12345678
set transform-set AES_SHA1
match address 110
!
...
For the remainder of the configuration (see above), just change the name of the IPsec policy profile in the ACL
profile
VPN_Out
IPsec tunnel, 3DES encryption at 192 bit key length, ESP authentication with
HMAC-MD5-96
SmartNode configuration
profile ipsec-transform TDES_MD5
esp-encryption 3des-cbc 192
esp-authentication hmac-md5-96
profile ipsec-policy-manual VPN_TDES_MD5
use profile ipsec-transform TDES_MD5
session-key inbound esp-authentication 1234567890ABCDEF1234567890ABCDEF
session-key outbound esp-authentication FEDCBA0987654321FEDCBA0987654321
session-key inbound esp-encryption
1234567890ABCDEF1234567890ABCDEF1234567890ABCDEF
session-key outbound esp-encryption
FEDCBA0987654321FEDCBA0987654321FEDCBA0987654321
spi inbound esp 7777
spi outbound esp 8888
peer 200.200.200.1
mode tunnel
...
For the remainder of the configuration (see above), just change the name of the IPsec policy profile in the ACL
profile
VPN_Out
Cisco router configuration
crypto ipsec transform-set 3DES_MD5 esp-3des esp-md5-hmac
!
crypto map VPN_3DES_MD5 local-address FastEthernet0/1
crypto map VPN_3DES_MD5 10 ipsec-manual
set peer 200.200.200.2
set session-key inbound esp 8888 cipher
FEDCBA0987654321FEDCBA0987654321FEDCBA0987654321 authenticator
FEDCBA0987654321FEDCBA0987654321
set session-key outbound esp 7777 cipher
1234567890ABCDEF1234567890ABCDEF1234567890ABCDEF authenticator
1234567890ABCDEF1234567890ABCDEF
set transform-set 3DES_MD5
match address 110
!
Содержание SmartNode Series
Страница 250: ...RIP configuration task list 250 SmartWare Software Configuration Guide 23 RIP configuration rip enabled ...
Страница 635: ...635 Appendix A Terms and definitions Chapter contents Introduction 636 SmartWare architecture terms and definitions 636 ...
Страница 641: ...641 Appendix B Mode summary Chapter contents Introduction 642 ...
Страница 648: ...648 Appendix D Internetworking terms acronyms Chapter contents Abbreviations 649 ...
Страница 653: ...653 Appendix E Used IP ports available voice codecs Chapter contents Used IP ports 654 Available voice codecs 655 ...