
Black Box LR11xx Series Router Configurations Guide
Blackbox/configure> system licenses vpn_plus_firewall
Enter Security Upgrade License key: 024f3bc296b4ea7265
4.2Example 1: Managing the Black Box LR1104A Securely Over an IPSec Tunnel
The following example demonstrates how to manage a Black Box router through an IP security tunnel. Steps are presented for configuring the Black Box1 and Black Box2 routers to assist any host on the LAN side of Black
The security requirements are as follows:
Phase 1: 3DES with SHA1
Phase 2: IPSec ESP with AES and
Figure 8 Tunnel Mode Between Two Black Box Security Gateways - Multiple Proposals
|
| 172.16.0.1 | 172.16.0.2 | TRUSTED |
|
|
|
| |
TRUSTED |
|
|
|
|
|
| IPSec ESP |
|
|
| Black Box 1 | UNTRUSTED | Black Box 2 | Network |
Network |
| 10.0.2.0/24 | ||
|
|
| ||
10.0.1.0/24 |
|
|
|
|
Step 1: Configure a WAN bundle of network type untrusted
Black Box1/configure> interface bundle wan1
message: Configuring new bundle
Black Box1/configure/interface/bundle | wan1> link t1 1 | ||
Black Box1/configure/interface/bundle | wan1> encapsulation ppp | ||
Black Box1/configure/interface/bundle | wan1> ip address 172.16.0.1 24 | ||
Black | Box1/configure/interface/bundle | wan1> | crypto untrusted |
Black | Box1/configure/interface/bundle | wan1> | exit |
Step 2: Configure the Ethernet interface with trusted network type
Black Box1/configure> interface ethernet 0
message: Configuring existing Ethernet interface
Black Box1/configure interface/ethernet 0> ip address 10.0.1.1 24 Black Box1/configure/interface/ethernet 0> crypto trusted
Black Box1/configure/interface/ethernet 0> exit
Step 3: Display the crypto interfaces
24