Figure 17 Assigning the IP Security Policy
Step 11: Verifying the ConfigurationTo verify your configuration, generate traffic that matches the address filter.
On the
ipsec_report
In this example, IPsec secures telnet connections from the Windows system to the
The Windows system's address is 10.1.1.1
The
Windows Configuration
The Windows administrator configures and assigns an IP Security policy with the following parameters:
•One rule, with the following parameters:
—Filter List: One filter, with the following parameters:
◦Addressing:
–Source address: the Windows system's address.
–Destination address: the
–Mirrored: yes (the Mirrored box is selected). These parameters are shown in Figure 5 (page 19).
◦Protocol: TCP; source port any, destination port 23 (telnet).
–Protocol: TCP
–From port: any
–To port: 23 (telnet server)
These parameters are shown in Figure 6 (page 20).
—Filter Action: Negotiate security, using the default settings for Encryption and Integrity (authenticated ESP using 3DES and SHA1).
—Authentication Method: IKE using the preshared key my_preshared_key, as shown in Figure 12 (page 26).
—Tunnel Settings: No tunnel (this is the default).
—Connection Type: All network connections (this is the default).
•General parameters: The general parameters for the policy are set to the default values (four IKE SA proposals, including 3DES encryption, SHA1 integrity and
Configuring a Windows