Step 1: as in step1 of example 1, Step 2: as in step2 of example 1, Step 3: as in step3 of example 1 – Black Box LR1102A-T1/E1 User Manual

Page 39: Step 5: display dynamic ike policies

Advertising
background image

Example 5: IPSec remote access

41

Step 1: As in Step1 of Example 1

Step 2: As in Step2 of Example 1

Step 3: As in Step3 of Example 1

Step 4: Configure dynamic IKE policy for a group of mobile users

Black Box1/configure> crypto

Black Box1/configure/crypto> dynamic

Black Box1/configure/crypto/dynamic> ike policy sales modecfg-group

Black Box1/configure/crypto/dynamic/ike/policy sales> local-address 192.168.55.52

Black Box1/configure/crypto/dynamic/ike/policy sales> remote-id email [email protected]

The default proposal is created with priority1-des-sha1-pre_shared-g1, the Key String has to be configured by the user, and the
default IPSec proposal 'sales' added with priority1-3des-sha1-tunnel.

Black Box1/configure/crypto/dynamic/ike/policy sales> remote-id email [email protected]

Black Box1/configure/crypto/dynamic/ike/policy sales> key secretkeyforsales

Black Box1/configure/crypto/dynamic/ike/policy sales> proposal 1

Black Box1/configure/crypto/dynamic/ike/policy sales/proposal 1> encryption-algorithm

3des-cbc

Black Box1/configure/crypto/dynamic/ike/policy sales/proposal 1> exit

Black Box1/configure/crypto/dynamic/ike/policy sales> client configuration

Black Box1/configure/crypto/dynamic/ike/policy sales/client/configuration> address-

pool 1 20.1.1.100 20.1.1.150

Black Box1/configure/crypto/dynamic/ike/policy sales/client/configuration> exit

Black Box1/configure/crypto/dynamic/ike/policy sales> exit

Black Box1/configure/crypto/dynamic> exit

Step 5: Display dynamic IKE policies

Tasman #1

VPN Server

172.16.0.1

Mode Config IP

Pool:

10.0.1.100-

10.0.1.150

Corporate

Headquarters

10.0.1.0/24

IPSEC TU

NNEL

VPN Client 1

Local Outer Address:

Dynamic

Local Inner Assigned

Address: 10.0.1.100/32

Local ID:

david@tasmannetworks.

com

IPSEC TUNNEL

VPN Client 2

Local Outer Address:

Dynamic

Local Inner Assigned

Address: 10.0.1.101/32

Local ID:

mike@tasmannetworks.

com

Black Box 1

blackbox.com

blackbox.com

Advertising
This manual is related to the following products: