Black Box LR1102A-T1/E1 manual Example 1 Managing the Black, Configure IKE to the peer gateway

Example 1: Managing the Black

Blackbox> show crypto interfaces

Blackbox>

Step 4: Add route to peer LAN

Black Box1/configure> ip route 10.0.2.0 24 wan1

Step 5: Configure IKE to the peer gateway

Black Box1/configure> crypto ike policy Black Box2 172.16.0.2

Black Box1/configure/crypto/ike/policy Black Box2 172.16.0.2> local-address 172.16.0.1

message: Default proposal created with priority1-des-sha1-pre_shared-g1.

message: Key String has to be configured by the user.

Black Box1/configure/crypto/ike/policy Black Box2 172.16.0.2> key secretkey Black Box1/configure/crypto/ike/policy Black Box2 172.16.0.2> proposal 1

Black Box1/configure/crypto/ike/policy Black Box2 172.16.0.2/proposal 1> encryption-algorithm 3des-cbc

Black Box1/configure/crypto/ike/policy Black Box2 172.16.0.2/proposal 1> exit Black Box1/configure/crypto/ike/policy Black Box2 172.16.0.2> exit

Step 6: Display IKE policies

Blackbox> show crypto ike policy all

Blackbox>

Step 7: Display IKE policies in detail

Displays the encryption algorithm, hash algorithm, authentication mode, and other details of the IKE policies.

Step 8: Configure the IPSec tunnel to the remote host

Black Box1/configure/crypto> ipsec policy Black Box2 172.16.0.2

Black Box1/configure/crypto/ipsec/policy Black Box2 172.16.0.2> match address 172.16.0.1 32 10.0.2.0 24

message: Default proposal created with priority1-esp-3des-sha1-tunnel and activated.

Black Box1/configure/crypto/ipsec/policy Black Box2 172.16.0.2> proposal 1 Black Box1/configure/crypto/ipsec/policy Black Box2 172.16.0.2/proposal 1> encryption-algorithm aes128-cbc

Black Box1/configure/crypto/ipsec/policy Black Box2 172.16.0.2/proposal 1> exit Black Box1/configure/crypto/ipsec/policy Black Box2 172.16.0.2> exit

Step 9: Display IPSec policies

Displays the policy just added.

Step 10: Display IPSec policies in detail

Shows the details of the IPSec policies.

25