cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
278
Views
0
Helpful
3
Replies

Ipsec

konn
Level 1
Level 1

Hi,

I need to find out in order to configure IPsec such as the following configuration sample, do I need to have a VPN router. Pls help me on the following

1. What if I have two router without VPN modue , can I still configure IPsec

to encryption data flow from one router to the other.

2. What is requirements to configure IPsec, do I need to purchase any

hareware.

crypto isakmp policy 1

hash md5

authentication pre-share

crypto isakmp key cisco123 address 200.1.1.2

!

!--- IPSec policies

crypto ipsec transform-set to_vpn esp-des esp-md5-hmac

!

crypto map to_vpn 10 ipsec-isakmp

set peer 200.1.1.2

set transform-set to_vpn

!--- Traffic to encrypt

match address 101

!

interface FastEthernet0/0

ip address 203.20.20.2 255.255.255.0

ip nat outside

duplex auto

speed auto

crypto map to_vpn

Thanks

3 Replies 3

ajagadee
Cisco Employee
Cisco Employee

Hi,

If you already have a Cisco router, then you can download an IOS image from Cisco's website that has Ipsec feature and You dont have to necessarily have a VPN Module to do IPSec.

Regards,

Arul

Can you explain what is the function of the "crypto map " command, when should I use this command.

ajagadee
Cisco Employee
Cisco Employee

Hi,

Crypto map entries created for IPSec pull together the various parts used to set up IPSec security associations, including:

Which traffic should be protected by IPSec (per a crypto access list)

The granularity of the flow to be protected by a set of security associations

Where IPSec-protected traffic should be sent (who the remote IPSec peer is)

The local address to be used for the IPSec traffic

What IPSec security should be applied to this traffic (selecting from a list of one or more transform sets)

Whether security associations are manually established or are established via IKE

Other parameters that might be necessary to define an IPSec security association

You can also refer the below URL for the same:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122cgcr/fsecur_c/fipsenc/scfipsec.htm#1001432

Regards,

Arul

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: