Cisco: IPSEC Tunnel
Notes:
1. configuring IKE
crypto isakamp enable
crypto isakamp policy 100
authentication pre-share
encryption des
group 1
hash md5
lifetime 86400
exit
Determining the Common Password and the address of the tunnel endpoint
crypto isakamp key cisco123 address 3.0.0.2
show crypto isakamp policy
3 Configuring IPsec parameters
crypto ipsec transfer-set MINE esp-des
mode tunnel
exit
show crypto ipsec transfer-set MINE
Configuring crypto ACLs
access-list 102 permit ip host 2.0.0.1 host 3.0.0.2
5 Configuring crypto maps
crypto map MYMAP 10 ipsec-isakamp
match address 102
set transform-set MINE
set peer 3.0.0.2
exit
show crypto map
6. application of the crypto map on the serial (external) interface
interface serial 1/0
crypto map MYMAP
exit
show crypto ipsec sa
clear crypto sa
debug crypto ipsec
debug crypto isakamp