Cisco Systems SA-ISA, SM-ISM manual Using the Exec Command Interpreter, Enabling Mppe, ISA card

Page 38

Chapter 4 Configuring the ISA and ISM

Using the EXEC Command Interpreter

Configuring IPSec requires privileged-level access to the EXEC command interpreter. Also, privileged-level access usually requires a password. (Contact your system administrator, if necessary, to obtain privileged-level access.)

These sections contain basic configuration information only. For detailed configuration information, refer to the “IP Security and Encryption” chapter of the Security Configuration Guide publication.

Using the EXEC Command Interpreter

You modify the configuration of your router through the software command interpreter called the EXEC (also called enable mode). You must enter the privileged level of the EXEC command interpreter with the enable command before you can use the configure command to configure a new interface or change the existing configuration of an interface. The system prompts you for a password if one has been set.

The system prompt for the privileged level ends with a pound sign (#) instead of an angle bracket (>). At the console terminal, use the following procedure to enter the privileged level:

Step 1 At the user-level EXEC prompt, enter the enable command. The EXEC prompts you for a privileged-level password as follows:

Router> enable

Password:

Step 2 Enter the password (the password is case sensitive). For security purposes, the password is not displayed.

When you enter the correct password, the system displays the privileged-level system prompt (#):

Router#

Enabling MPPE

Use the encryption mppe command in ISA controller configuration mode to enable MPPE on the ISA or the ISM. This off-loads the MPPE function from the route processor to the ISA or the ISM.

Note The boot LED remains lit instead of pulsating when the ISA/ISM is configured for IPSec (default). When the ISA/ISM is configured for MPPE, the Boot LED pulsates. The ISA/ISM functions normally whether the Boot LED is pulsating or is solid.

Note To use the encryption mppe command, PPP encapsulation must be enabled.

Step

Command

Purpose

 

 

 

1.

Router(config)# controller isa slot/port

Enter controller configuration mode on

 

 

the ISA card.

 

 

 

2.

Router(config-controller)# encryption mppe

Enables MPPE encryption.

 

 

 

Integrated Services Adapter and Integrated Services Module Installation and Configuration

4-2

OL-3575-01 B0

 

 

Page 37 Page 39
Image 38
Page 37 Page 39
Contents Corporate Headquarters Text Part Number OL-3575-01 B0Copyright 1999- 2003 Cisco Systems, Inc All rights reserved N T E N T S Configuring the ISA and ISM Preface ObjectivesInstallation Warning AudienceSection Title Description Document OrganizationDocument Conventions Boldface fontItalic screen font Indicates a comment lineTerms and Acronyms ViiRelated Documentation ViiiCisco 7100 series routers Obtaining Documentation Cisco.comDocumentation Feedback Documentation CD-ROMOrdering Documentation Obtaining Technical Assistance Technical Assistance CenterObtaining Additional Publications and Information Cisco TAC Escalation CenterXiv Overview ISA and ISM OverviewData Encryption Overview Features Feature DescriptionPort Adapter Slot Locations on the Supported Platforms Cisco 7100 Series Routers Slot NumberingCisco 7200 Series Routers Slot Numbering Port adapter in slot ISM in slotLEDs LEDsBoot LED Label Color State FunctionOL-3575-01 B0 Preparing for Installation Required Tools and EquipmentPlatform Recommended Minimum Cisco IOS Release Encryption mppe command Safety GuidelinesSafety Warnings ISA and ISA ISA with VAMPreparing for Installation Safety Guidelines Electrical Equipment Guidelines Preventing Electrostatic Discharge DamageOL-3575-01 B0 Removing and Installing the ISA and the ISM Handling the ISA or the ISMOnline Insertion and Removal Handling the ISMRemoving and Installing the ISA and the ISM ISA or ISM Removal and Installation Cisco 7100 Series-Removing and Installing the ISM StepCisco 7200 Series-Removing and Installing the ISA GuideConfiguring the ISA and ISM OverviewEnables Mppe encryption Using the Exec Command InterpreterEnter controller configuration mode on Enabling MppeIdentify the policy to create, and enter Configuring IKEConfig-isakmp command mode Specify the encryption algorithmConfiguring IPSec Creating Crypto Access ListsDefining a Transform Set Step Command Purpose Creating Crypto Maps Access list determines which traffic is Crypto map configuration modeSpecify an extended access list. This Exit crypto map configuration modeApplying Crypto Maps to Interfaces Verifying ConfigurationExit interface configuration mode Apply a crypto map set to an interfaceCommand Purpose Router# show crypto ipsec sa interface Ethernet0 Configuring the ISA and ISM IPSec Example IPSec ExampleRouter B Configuration OL-3575-01 B0 D E IN-2
Top Page Image Contents