
How to configure IPSEC static route?



IPsec is the transport for data traffic between vEdges: it carries overlay-network traffic from one vEdge to another. IPsec tunnels that run the Internet Key Exchange (IKE) protocol provide authentication and encryption to ensure secure packet transport.

Internet Protocol Security is a secure network protocol suite that authenticates and encrypts the packets of data to provide secure encrypted communication between two computers over an Internet Protocol network. It is used in virtual private networks.


Tunnel Redundancy:

The IPsec tunnel interface lives in VPN 0. You can configure one or two IPsec tunnel interfaces. If you configure two, the first is the primary IPsec tunnel and the second is the backup. With two interfaces, all packets are sent only to the primary tunnel. If that tunnel fails, all packets are then sent to the secondary tunnel. When the primary tunnel comes back up, all traffic is moved back to it.

Cisco(config)# vpn 0 interface ipsec 1
Cisco(config-interface-ipsec)# ip address 192.168.10.1 255.255.255.0
Cisco(config-interface-ipsec)# tunnel-source-interface ge0/1.1108
Cisco(config-interface-ipsec)# tunnel-destination 172.16.1.1
Cisco(config-interface-ipsec)# no shutdown


How to Configure the IPSEC static route

Cisco(config)# vpn 1
Cisco(config-vpn)# ip ipsec-route 192.168.10.1 vpn 0 interface ipsec 1

The IKE parameters are set under the tunnel interface of the service VPN; the general form is `vpn vpn-id interface ipsec 1 ike`, and the examples below use VPN 1.

Cisco(config)# vpn vpn-id interface ipsec 1 ike

Enable IKE version 1

Cisco(config)# vpn 1 interface ipsec 1 ike
Cisco(config-ike)# mode aggressive
Cisco(config-ike)# group 15
Cisco(config-ike)# cipher-suite aes128-cbc-sha1 (SHA value)
Cisco(config-ike)# rekey 3600 (seconds)
Cisco(config-ike)# authentication-type pre-shared-key pre-shared-secret NDNA
Cisco(config-authentication-type)# local-id 192.168.10.1
Cisco(config-authentication-type)# remote-id 172.16.1.1

Enable IKE version 2

Cisco(config)# vpn 1 interface ipsec 1 ike
Cisco(config-ike)# group 15
Cisco(config-ike)# cipher-suite aes128-cbc-sha1 (SHA value)
Cisco(config-ike)# rekey 3600 (seconds)
Cisco(config-ike)# authentication-type pre-shared-key pre-shared-secret NDNA
Cisco(config-authentication-type)# local-id 192.168.10.1
Cisco(config-authentication-type)# remote-id 172.16.1.1

Configure the IPsec parameters (cipher suite, rekey interval, perfect forward secrecy and anti-replay window) under the same tunnel interface:

Cisco(config-interface-ipsec)# ipsec
Cisco(config-ipsec)# cipher-suite aes256-cbc-sha1
Cisco(config-ipsec)# rekey 3600 (seconds)
Cisco(config-ipsec)# perfect-forward-secrecy group-15
Cisco(config-ipsec)# replay-window 256
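As an added example (not part of the original post), a small Python checker that parses a prompt-style transcript like the ones above into CLI-mode sections and flags what a reviewer would look at: aggressive mode, SHA-1 cipher suites, a short pre-shared secret, missing rekey, PFS or replay-window settings, and a local-id or remote-id that does not match the tunnel addresses. The sample transcript is constructed from this post's commands with prompts normalised; the 16-character secret threshold is an assumption.

```python
import re
# Constructed sample (prompts normalised): the tunnel, IKE and IPsec statements from this post.
SAMPLE = """
Cisco(config-interface-ipsec)# ip address 192.168.10.1 255.255.255.0
Cisco(config-interface-ipsec)# tunnel-destination 172.16.1.1
Cisco(config-ike)# mode aggressive
Cisco(config-ike)# cipher-suite aes128-cbc-sha1
Cisco(config-ike)# rekey 3600
Cisco(config-ike)# authentication-type pre-shared-key pre-shared-secret NDNA
Cisco(config-authentication-type)# local-id 192.168.10.1
Cisco(config-authentication-type)# remote-id 172.16.1.1
Cisco(config-ipsec)# cipher-suite aes256-cbc-sha1
Cisco(config-ipsec)# perfect-forward-secrecy group-15
Cisco(config-ipsec)# replay-window 256
"""
PROMPT = re.compile(r"^\s*Cisco\s*\((config[^)]*)\)\s*#\s*(\S+)\s*(.*)$")

def parse(transcript):
    """Map each CLI mode (taken from the prompt) to {command keyword: [arguments]}."""
    sections = {}
    for line in transcript.splitlines():
        m = PROMPT.match(line)
        if m:
            mode, keyword, args = m.groups()
            sections.setdefault(mode, {})[keyword] = args.split()
    return sections

def audit(sections):
    """Hardening and consistency findings for one IPsec tunnel interface."""
    tun = sections.get("config-interface-ipsec", {})
    ike = sections.get("config-ike", {})
    auth = sections.get("config-authentication-type", {})
    esp = sections.get("config-ipsec", {})
    findings = []
    if ike.get("mode") == ["aggressive"]:
        findings.append("ike mode aggressive: peer identities are not protected; prefer main mode")
    if "sha1" in " ".join(ike.get("cipher-suite", []) + esp.get("cipher-suite", [])):
        findings.append("cipher-suite uses SHA-1 integrity; prefer a SHA-2 suite")
    psk = ike.get("authentication-type", [])
    if "pre-shared-secret" in psk and len(psk[-1]) < 16:  # assumed minimum length
        findings.append("pre-shared secret is shorter than 16 characters")
    for key, where in (("rekey", ike), ("perfect-forward-secrecy", esp), ("replay-window", esp)):
        if key not in where:
            findings.append(f"{key} is not configured")
    if auth.get("local-id", [None])[0] != tun.get("ip", [None, None])[1]:
        findings.append("local-id differs from the tunnel interface address")
    if auth.get("remote-id", [None])[0] != tun.get("tunnel-destination", [None])[0]:
        findings.append("remote-id differs from tunnel-destination")
    return findings
```

Run `audit(parse(SAMPLE))` on the sample to see the three findings for this post's settings; feed it a saved transcript from a device to review a real tunnel.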

