52CHAPTER 17: CONFIGURING IPSEC
<auth_algorithm> : MD5 SHA
<portlist >:
The default for encrypt_algorithms is DES. The default for auth_algorithms is
MD5.
Creating an Encryption Policy
To create an encryption policy for Telnet traffic using the default encryption algorithm DesCbc from router 1 with IP address 170.0.0.1 to router 2 with IP address 180.0.0.1, follow these steps:
1On bridge/router 1, enter:
ADD !1
2On bridge/router, 2 enter:
ADD !1
To configure an encryption policy for Telnet traffic using the 3DES2key encryption algorithm between router 1 with IP address 170.0.0.1 and router 2 with IP address 180.0.0.1, follow these steps:
1On bridge/router 1, enter:
ADD !1
180.0.0.1 3DES2key
2On bridge/router, 2 enter:
ADD !1
170.0.0.1 3DES2key
Creating a Security Policy
To create a security policy to provide data confidentiality and data integrity for
PPTP tunnel traffic between router 1 and router 2, follow these steps:
1On bridge/router 1 enter:
ADD !1
2On bridge/router 2, enter:
ADD !1
Creating Key Sets To create a key set, use:
ADD
“%<encrypt_key>”)] [AuthKey (“<auth_key>” “%<auth_key>”)]
The encrypt_key and auth_key must match the values on the peer system at the other end of the security association.
<key_set_name> is a name you assign to the key set you are adding.