Key Components of creating an IPSec tunnel in chronological order:
· Crypto Policy
· Transform-set
· Access-list
· Defining your crypto map
A crypto policy must be established identically on both the corporate router and
the third party corporation’s router including the pre-shared key.
Transform sets are a combination of security protocols and algorithms that
protect the data flow across the internet.
The crypto access list will specify which data traffic will pass through the IPSec
tunnel.
A crypto map pulls all the pieces together required to create an IPSEC
connection.
Once the crypto map has been established on both peering routers it is time to
apply the configuration to an interface.
http://www.sans.org/reading_room/whitepapers/vpns/understanding-configuring-ipsec-cisco-routers_1356
http://www.cisco.com/en/US/tech/tk583/tk372/technologies_tech_note09186a0080094203.shtml
No comments:
Post a Comment