Справочник Пользователя для Ulterius Technologies LLC FDN40
CHAPTER 8: IKE
Configuration User Manual
186
© Ulterius Technologies, LLC 2016. Confidential & Proprietary.
8.3.2.2
DUT2 Configuration
Execute the following steps in DUT2:
Enter the Global configuration mode.
UltOs# configure terminal
Configure the pre-shared key for the peer.
UltOs(config)# vpn remote identity ipv4 35.0.0.1 psk mypresharedkey
Enter the policy configuration mode.
UltOs(config)# crypto map sa
Set the IKE version.
UltOs(config-crypto-map)# set ike version v1
Set the authentication method.
UltOs(config-crypto-map)# crypto key mode preshared
Set the IPSec mode as tunnel.
UltOs(config-crypto-map)# crypto ipsec mode tunnel
Set the peer IP (DUT1 WAN IP).
UltOs(config-crypto-map)# set peer 35.0.0.1
Set the peer identity.
UltOs(config-crypto-map)# isakmp peer identity ipv4 35.0.0.1
Set the local identity.
UltOs(config-crypto-map)# isakmp local identity ipv4 35.0.0.2
Set the phase 1 parameters.
UltOs(config-crypto-map)# isakmp policy encryption des hash md5
dh group2 exch main lifetime secs 1500
dh group2 exch main lifetime secs 1500
Set the phase 2 parameters.
UltOs(config-crypto-map)# crypto map ipsec encryption esp des
authentication esp sha1 pfs group2 lifetime secs 300
authentication esp sha1 pfs group2 lifetime secs 300
Set the access-list parameters.
UltOs(config-crypto-map)#access-list apply any source 192.168.2.0
255.255.255.0 destination 192.168.1.0 255.255.255.0
255.255.255.0 destination 192.168.1.0 255.255.255.0
Exit from the policy configuration mode.
UltOs(config-crypto-map)#exit
Make the policy active and bind to the WAN port.
UltOs(config)#interface wan 0/1
UltOs(config-if)# crypto map sa
Exit from the interface configuration mode.
UltOs(config-if)# end
View the configured VPN policy.
UltOs# show crypto map sa
VPN Policy Parameters
-------------------------