Router1# show crypto dynamic ike policy all detail, Policy name sales, modeconfig group, Address pool – Foundry Networks AR3202-CL User Manual
Page 265: Pool# 1: 20.1.1.100 to 20.1.1.150, Proposal of priority 1, Encryption algorithm: 3des, Hash algorithm: sha1, Authentication mode: pre-shared-key, Dh group: group1, Lifetime in seconds: 86400
Foundry AR-Series Router User Guide
15 - 40
© 2004 Foundry Networks, Inc.
June 2004
Step 6: Display dynamic IKE policies in detail:
Step 7: Configure dynamic IPSec policy for a group of mobile users:
Step 8: Display dynamic IPSec policies:
Router1# show crypto dynamic ike policy all detail
Policy name sales, Modeconfig group
Aggressive mode, Response Only, PFS is not enabled, Shared Key is
*****
Local addr: 192.168.55.52, Local ident 192.168.55.52 (ip-address)
Remote idents are [email protected] (email-id), [email protected]
(email-id)
Address Pool:
Pool# 1: 20.1.1.100 to 20.1.1.150
Proposal of priority 1
Encryption algorithm: 3des
Hash Algorithm: sha1
Authentication Mode: pre-shared-key
DH Group: group1
Lifetime in seconds: 86400
Lifetime in kilobytes: unlimited
Router1/configure/crypto#
Router1/configure/crypto# dynamic
Router1/configure/crypto/dynamic# ipsec policy sales modecfg-group
Router1/configure/crypto/dynamic/ipsec/policy sales# match address
10.0.1.0 24
Router1/configure/crypto/dynamic/ipsec/policy sales# proposal 1
Router1/configure/crypto/dynamic/ipsec/policy sales/proposal 1#
encryption-algorithm aes256-cbc
Router1/configure/crypto/dynamic/ipsec/policy sales/proposal 1# exit
Router1/configure/crypto/dynamic/ipsec/policy sales# exit
Router1/configure/crypto/dynamic# exit
Router1# show crypto dynamic ipsec policy all
Policy Match Proto Transform
------ ----- ----- ---------
sales S 10.0.1.0/24/any Any P1 esp-aes-sha1-tunl
D any/any/any