
Black Box LR11xx Series Router Configurations Guide
Step 2: As in Step2 of Example 1
Step 3: As in Step3 of Example 1
Step 4: Configure dynamic IKE policy for a group of mobile users
Black Box1/configure> crypto
Black Box1/configure/crypto> dynamic
Black Box1/configure/crypto/dynamic> ike policy sales
Black Box1/configure/crypto/dynamic/ike/policy sales>
Black Box1/configure/crypto/dynamic/ike/policy sales>
Anew user david is added to the group sales. The default proposal created with
Black Box1/configure/crypto/dynamic/ike/policy sales>
Black Box1/configure/crypto/dynamic/ike/policy | sales> key secretkeyforsalesusers | |||
Black Box1/configure/crypto/dynamic/ike/policy | sales> proposal 1 | |||
Black Box1/configure/crypto/dynamic/ike/policy | sales/proposal 1> | |||
|
|
|
| |
Black Box1/configure/crypto/dynamic/ike/policy | sales/proposal 1> exit | |||
Black Box1/configure/crypto/dynamic/ike/policy | sales> client authentication radius pap | |||
Black Box1/configure/crypto/dynamic/ike/policy | sales> exit | |||
Black Box1/configure/crypto/dynamic> |
|
| ||
Step 5: Display dynamic IKE policies |
|
|
| |
Black Box1> show crypto dynamic ike policy all |
| |||
Policy | Mode | Transform | ||
sales | U david@Blackbox... Aggressive P1 |
Step 6: Display dynamic IKE policies in detail
Black Box1> show crypto dynamic ike policy all detail
Policy name sales, User group name sales
Aggressive mode, Response Only, PFS is not enabled, Shared Key is *****
Client authentication is Radius(PAP)
Local addr: 172.16.0.1, Local ident 172.16.0.1
Remote idents are david@Blackbox.com
Proposal of priority 1
Encryption algorithm: 3des
Hash Algorithm: sha1
Authentication Mode:
DH Group: group1
Lifetime in seconds: 86400
Lifetime in kilobytes: unlimited
Step 7: Configure dynamic IPSec policy for a group of mobile users
36