Black Box LR11xx Series Router Configurations Guide
For IPSec only – when you create an outbound tunnel, an inbound tunnel is automatically created. The inbound tunnel applies the name that
you provide for the outbound tunnel and adds the prefix “IN” to the name.
message: Default proposal created with priority1-esp-3des-sha1-tunnel and activated.
Black Box1/configure/crypto/ipsec/policy Black Box2 172.16.0.2> proposal 1
Black Box1/configure/crypto/ipsec/policy Black Box2 172.16.0.2/proposal 1> encryption-algorithm aes256-cbc
Black Box1/configure/crypto/ipsec/policy Black Box2 172.16.0.2/proposal 1> exit
Black Box1/configure/crypto/ipsec/policy Black Box2 172.16.0.2> exit

Step 8: Display IPSec policies

Use the show crypto ipsec policy all command.
Step 8.1: Configure firewall policies to allow IKE negotiation through untrusted interface (applicable only if firewall license is also enabled)
Black Box1/configure> firewall internet
Black Box1/configure/firewall internet> policy 1000 in service ike self
Black Box1/configure/firewall internet/policy 1000 in> exit
Black Box1/configure/firewall internet> exit
Step 8.2: Display firewall policies in the internet map (applicable only if firewall license is enabled)
Black Box1> show firewall policy internet
Advanced: S - Self Traffic, F - Ftp-Filter, H - Http-Filter,
R - Rpc-Filter, N - Nat-Ip/Nat-Pool, L - Logging,
E - Policy Enabled, M - Smtp-Filter
Pri Dir Source Addr Destination Addr Sport Dport Proto Action Advanced
--- --- ----------- ---------------- ----------------- ------ --------
1000 in any any ike PERMIT SE
1024 out any any any any any PERMIT SE
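The following Python script is an added example, not part of the guide or the router software. It parses a saved copy of the show firewall policy internet output from Step 8.2 and confirms that an enabled inbound self-traffic policy permits ike. The row layout is inferred from the two rows shown above, and the second check (flagging an enabled inbound any/any permit) is an extra hardening check that the guide does not describe.

```python
# Copied from the output shown in Step 8.2 of the guide.
SAMPLE = """\
Pri Dir Source Addr Destination Addr Sport Dport Proto Action Advanced
--- --- ----------- ---------------- ----------------- ------ --------
1000 in any any ike PERMIT SE
1024 out any any any any any PERMIT SE
"""

def parse_policies(text):
    """Parse policy rows. Assumed layout (inferred from the two rows on the
    page): priority, direction, source, destination, then either a single
    service name or sport/dport/proto, then action and Advanced flags."""
    rows = []
    for line in text.splitlines():
        tok = line.split()
        if len(tok) < 7 or not tok[0].isdigit() or tok[1] not in ("in", "out"):
            continue  # header, separator, legend or unrecognised line
        mid = tok[4:-2]
        rows.append({
            "pri": int(tok[0]), "dir": tok[1], "src": tok[2], "dst": tok[3],
            "service": mid[0] if len(mid) == 1 else None,
            "match": tuple(mid) if len(mid) == 3 else None,
            "action": tok[-2],
            "flags": set(tok[-1]),  # legend letters: S = self traffic, E = enabled
        })
    return rows

def audit(rows):
    """Return a list of findings; an empty list means both checks passed."""
    findings = []
    live_in = [r for r in rows if r["dir"] == "in" and r["action"] == "PERMIT"
               and "E" in r["flags"]]
    # Check 1: IKE must reach the router itself (S flag) on the inbound side.
    if not any(r["service"] == "ike" and "S" in r["flags"] for r in live_in):
        findings.append("no enabled inbound self-traffic policy permits ike")
    # Check 2 (added hardening check, not from the guide): flag inbound any/any.
    for r in live_in:
        if (r["src"], r["dst"], r["match"]) == ("any", "any", ("any",) * 3):
            findings.append(f"policy {r['pri']} permits all inbound traffic")
    return findings

if __name__ == "__main__":
    print(audit(parse_policies(SAMPLE)) or "ok")
```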
Step 8.3: Display firewall policies in the internet map in detail (applicable only if firewall license is enabled)