Foundry
Step 9: Display the IPSec policies:
Router1# show crypto ipsec policy all |
|
|
| ||
Policy | Peer | Match | Proto Transform | ||
Router2 | 172.16.0.2 | S 172.16.0.1/32/any | Any | P1 | |
|
|
|
|
| |
|
| D 10.0.2.0/24/any |
|
|
|
INRouter2 | 172.16.0.2 | S 10.0.2.0/24/any | Any | P1 | |
|
|
|
|
|
|
Step 10: Display IPSec policies in detail:
Router1# show crypto ipsec policy all detail
Policy name Router2 is enabled, Direction is outbound Peer Address is 172.16.0.2, Action is Apply
Key Management is Automatic PFS Group is disabled Match Address:
Protocol is Any
Source ip address (ip/mask/port): (172.16.0.1/255.255.255.255/
any)
Destination ip address (ip/mask/port): (10.0.2.0/ 255.255.255.0/any)
Proposal of priority 1 Protocol: esp Mode: tunnel
Encryption Algorithm: aes128(key length=128 bits)
Hash Algorithm: sha1
Lifetime in seconds: 3600
Lifetime in Kilobytes: 4608000
Policy name INRouter2 is enabled, Direction is inbound Peer Address is 172.16.0.2, Action is Apply
Key Management is Automatic PFS Group is disabled Match Address:
Protocol is Any
Source ip address (ip/mask/port): (10.0.2.0/255.255.255.0/any)
Destination ip address (ip/mask/port): (172.16.0.1/ 255.255.255.255/any)
Proposal of priority 1 Protocol: esp Mode: tunnel
Encryption Algorithm: aes128(key length=128 bits)
Hash Algorithm: sha1
Lifetime in seconds: 3600
Lifetime in Kilobytes: 4608000
15 - 6 | © 2004 Foundry Networks, Inc. | June 2004 |
