Chapter 4 Configuring the VSA
Configuration Tasks
To configure an IKE policy, use the following commands beginning in global configuration mode:
| Command | Purpose |
|
|
|
Step 1 | Router(config)# crypto isakmp policy | Defines an IKE policy and enters Internet Security Association |
| priority | Key Management Protocol (ISAKMP) policy configuration |
|
|
|
|
|
|
Step 2 | Specifies the encryption algorithm within an IKE policy. | |
| 3des aes aes 128 aes 192 aes 256} | • |
|
| |
|
| • |
|
| • |
|
| • aes |
|
| • aes |
|
| • aes |
|
|
|
Step 3 | (Optional) Specifies the authentication method within an IKE | |
| policy. | |
|
| • |
|
| signatures as the authentication method. |
|
| • |
|
| authentication method. |
|
| • |
|
| method. |
|
| Note If this command is not enabled, the default value |
|
| will be used. |
|
|
|
Step 4 | (Optional) Specifies the lifetime of an IKE security association | |
|
| (SA). |
|
|
|
|
| expiring. Use an integer from 60 to 86,400 seconds. |
|
| Note If this command is not enabled, the default value (86,400 |
|
| seconds [one day]) will be used. |
|
|
|
C7200 VSA (VPN Services Adapter) Installation and Configuration Guide
|
| ||
|
|