Black Box LR1102A-T1/E1 User Manual
Page 91
IPSec Remote Access Mode Con-
93
To configure the IKE policy for negotiating with VPN clients needing access to the corporate private network 10.0.1.0.
Blackbox/configure>crypto corp
Blackbox/configure/crypto>dynamic
Blackbox/configure/crypto/dynamic>ike policy IDCsales modecfg-group
Blackbox/configure/crypto/dynamic/ike/policy IDCsales>modeconfig-group
Blackbox/configure/crypto/dynamic/ike/policy IDCsales>local-address 172.16.0.1
To configure the user name (optional) for remote-id:
Blackbox/configure/crypto/dynamic/ike/policy IDCsales>remote-id email-id sampledata
Blackbox/configure/crypto/dynamic/ike/policy IDCsales>remote-id email-id sampledata
Blackbox/configure/crypto/dynamic/ike/policy IDCsales>key pskforsalesusers
Blackbox/configure/crypto/dynamic/ike/policy IDCsales>proposal 1
Blackbox/configure/crypto/dynamic/ike/policy IDCsales>encryption-algorithm 3des-cbc
Blackbox/configure/crypto/dynamic/ike/policy IDCsales>exit
Blackbox/configure/crypto/dynamic>client configuration
# configure address pool for modecfg client
address-pool 1 20.1.1.100 20.1.1.150
To configure the IPSec policy for negotiating with VPN clients needing access to the corporate private network 10.0.1.0.
Blackbox/configure/crypto/dynamic>ipsec policy IDCsales
Blackbox/configure/crypto/dynamic/ipsec/policy IDCSales>match address 10.0.1.0 24
Blackbox/configure/crypto/dynamic/ipsec/policy IDCSales>proposal 1
Blackbox/configure/crypto/dynamic/ipsec/policy IDCSales/proposal 1>encryption-algorithm
aes256-cbc
1.
Bundle must be encapsulated first steps TBC.