Box security gateways – Black Box LR1102A-T1/E1 User Manual

Black Box LR11xx Series Router Configurations Guide

28

Black Box1/configure/crypto/> exit

Black Box1/configure> snmp

Black Box1/configure/snmp> community public rw

Black Box1/configure/snmp> exit

Step 12: Display SNMP communities

Blackbox>show snmp communities

Community = public, privileges=rw

Blackbox>

Step 13: Repeat steps 1 - 10 with suitable modifications on Black Box2 prior to managing Black Box1 from Black Box2’s LAN
side

Step 14: Test the IPSec tunnel for managing the Black Box1 router from a host on Black Box2’s LAN.

Step 15: When the SNMP manager starts managing Black Box1 from Black Box2’s LAN, display the IKE and IPSec SA
tables using:

show crypto ike sa all

show crypto ike sa all detail

show crypto ipsec sa all

show crypto ipsec sa all detail

4.3 Example 2: Single Proposal: Tunnel Mode Between

Two Black Box Security Gateways

The following example demonstrates how to form an IP security tunnel to join two private networks: 10.0.1.0/24 and
10.0.2.0/24. The security requirements are as follows:

„

Phase 1: 3DES with SHA1

„

Phase 2: IPSec ESP with AES (256-bit) and HMAC-SHA1

Figure 9 Tunnel Mode Between Two Black Box Security Gateways - Single Proposals

Step 1: Configure a WAN bundle of network type untrusted

UNTRUSTED

TRUSTED

TRUSTED

IPSec ESP

Tasman1

Tasman2

172.16.0.1

172.16.0.2

Network
10.0.1.0/24

Network
10.0.2.0/24

BlackBox 2

BlackBox 1