Cisco Systems 520 series manual Configure Group Policy Information

Command or Action

Purpose

Step 5

group {1 2 5}

Specifies the Diffie-Hellman group to be used in

an IKE policy.

Example:

Router(config-isakmp)# group 2

Router(config-isakmp)#

Step 6

lifetime seconds

Specifies the lifetime, 60–86400 seconds, for an

IKE security association (SA).

Example:

Router(config-isakmp)# lifetime 480

Router(config-isakmp)#

Step 7

exit

Exits IKE policy configuration mode, and enters

global configuration mode.

Example:

Router(config-isakmp)# exit

Router(config)#

Command or Action

Purpose

Step 1

crypto isakmp client configuration group

Creates an IKE policy group containing attributes

{group-name default}

to be downloaded to the remote client.

Also enters the Internet Security Association Key

and Management Protocol (ISAKMP) group

Example:

policy configuration mode.

Router(config)# crypto isakmp client

configuration group rtr-remote

Router(config-isakmp-group)#

Step 2

key name

Specifies the IKE pre-shared key for the group

policy.

Example:

Router(config-isakmp-group)# key

secret-password

Router(config-isakmp-group)#

Step 3

dns primary-server

Specifies the primary Domain Name System

(DNS) server for the group.

Example:

Note You may also want to specify Windows

Router(config-isakmp-group)# dns 10.50.10.1

Internet Naming Service (WINS) servers

Router(config-isakmp-group)#

for the group by using the wins command.

6-4

OL-14210-01