Skip to main content

How to configure IPSEC static route?



Secure data traffic flow between vEdges, IPSEC is the mode of transport for data traffic to flow from one vEdge to another vEdge as overlay network. IPsec tunnels that run the Internet Key Exchange (IKE) protocol provide authentication and encryption to ensure secure packet transport.

Internet Protocol Security is a secure network protocol suite that authenticates and encrypts the packets of data to provide secure encrypted communication between two computers over an Internet Protocol network. It is used in virtual private networks.


How to configure IPSEC static route? - Internet Protocol Security


Tunnel Redundancy:

The interface is the IPsec tunnel interface in VPN 0. You can configure one or two IPsec tunnel interfaces. If you configure two, the first is the primary IPsec tunnel, and the second is the backup. With two interfaces, all packets are sent only to the primary tunnel. If that tunnel fails, all packets are then sent to the secondary tunnel. If the primary tunnel comes back up, all traffic is moved back to the primary IPsec tunnel.




Cisco (config)# vpn 0 interface ipsec 1
Cisco (config-interface-ipsec)# ip address 192.168.10.1 255.255.255.0
Cisco (config-interface-ipsec)# tunnel-source-interface ge0/1.1108
Cisco (config-interface-ipsec)# tunnel-destination 172.16.1.1
Cisco (config-interface-ipsec)# no shutdown


How to Configure the IPSEC static route

Cisco (config) # vpn 1
Cisco(config-vpn) # ip ipsec-route 192.168.10.1 vpn 0 interface ipsec 1
Cisco(config)# vpn vpn-id interface ipsec 1 ike

Enable IKE 1

Cisco(config-ike)# mode aggressive
Cisco(config)# vpn 1 interface ipsec 1 ike
Cisco(config-ike)# group 15
Cisco(config)# vpn 1 interface ipsec 1 ike
Cisco(config-ike)# cipher-suite aes128-cbc-sha1 (SHA Value)
Cisco(config)# vpn 1 interface ipsec 1 ike
Cisco(config-ike)# rekey 3600 ( Seconds)
Cisco(config)# vpn 1 interface ipsec 1 ike
Cisco(config-ike)# authentication-type pre-shared-key pre-shared-secret NDNA
Cisco (config-authentication-type) # local-id 192.168.10.1
Cisco(config-authentication-type) # remote-id 172.16.1.1

Enable IKE 2

Cisco(config)# vpn 1 interface ipsec 1 ike
Cisco(config-ike)# group 15
Cisco(config-ike)# cipher-suite aes128-cbc-sha1 (SHA Value)
Cisco(config-ike)# rekey 3600 ( Seconds)
Cisco(config-ike)# authentication-type pre-shared-key pre-shared-secret NDNA
Cisco (config-authentication-type) # local-id 192.168.10.1
Cisco(config-authentication-type) # remote-id 172.16.1.1
Cisco(config-interface-ipsec 1)# ipsec
Cisco(config-ipsec)# cipher-suite aes256-cbc-sha1
Cisco(config-ike)# rekey 3600 ( Seconds)
Cisco(config-ipsec)# perfect-forward-secrecy group-15
Cisco(config-ipsec)# replay-window 256


Labels:

Comments

Post a Comment

Popular posts from this blog

What is STP? - Explain Advantages and Disadvantages

The Spanning Tree Protocol is a network protocol that builds a loop-free logical topology for Ethernet networks. The basic function of STP is to prevent bridge loops and the broadcast radiation that results from them. STP is a protocol. It actively monitors all links of the network. To finds a redundant link, it uses an algorithm, known as the STA (spanning-tree algorithm). The STA algorithm first creates a topology database then it finds and disables the redundant links. Once redundant links are disabled, only the STP-chosen links remain active. If a new link is added or an existing link is removed, the STP re-runs the STA algorithm and re-adjusts all links to reflect the change. STP (Spanning Tree Protocol) automatically removes layer 2 switching loops by shutting down the redundant links. A redundant link is an additional link between two switches. A redundant link is usually created for backup purposes. Just like every coin has two sides, a redundant link, along with...
5 comments
Read more

How to Reset Steam Password? – Recover Your Steam Password

Are you suffering with Reset Steam Password? This blog will help you. What is Steam? Steam is the online website for getting the best games for paid. If you are a true game lover then you should have an active account on Steam. Many of people lost their password during the  PC clean-up  or any other circumstances. At that time they have to reset Password of all accounts. Then if you facing issues with the password, you forced to Steam reset password to access the Steam account. We are going to share the guide that how to recover your forgotten Steam Password and make your existing account ready. First of all, you should have enough knowledge about what is Steam and why Steam Account required? Why Steam Account Requires? Before jump into password recovery and Login details, let me clear about why Steam Account required? There are several benefits of this Steam Account from where you can easily download PC games as well as software. Though it will be p...
Post a Comment
Read more