Cisco 7100 Series Spezifikationen Seite 52
- Seite / 112
- Inhaltsverzeichnis
- LESEZEICHEN
Bewertet. / 5. Basierend auf Kundenbewertungen
Step 3—Configuring Encryption
Cisco 7100 Series VPN Configuration Guide
3-22
Defining Transform Sets
A transform set represents a certain combination of security protocols and algorithms.
During the IPSec SA negotiation, the peers agree to use a particular transform set for
protecting a particular data flow.
You can specify multiple transform sets, and then specify one or more of these transform
sets in a crypto map entry. The transform set defined in the crypto map entry will be used
in the IPSec SA negotiation to protect the data flows specified by that crypto map entry’s
access list.
DuringIPSec SA negotiations withIKE, the peers search for a transform set that is thesame
at both peers. When such a transform set is found, it is selected and is applied to the
protected traffic as part of both peers’ IPSec SAs.
With manually established SAs, there is no negotiation with the peer, so both sides must
specify the same transform set.
If you change a transform set definition, the change is only applied to crypto map entries
that reference the transform set. The change will not be applied to existing SAs, but will be
used in subsequent negotiations to establish new SAs.
To define a transform set, complete the following steps starting in global configuration
mode:
Step Command Purpose
1
hq-sanjose(config)# crypto ipsec
transform-set proposal1 ah-sha-hmac
esp-des esp-sha-hmac
Define a transform set and enter crypto-transform
configuration mode. This example combines AH
1
transform ah-sha-hmac, ESP
2
encryption transform
esp-des, and ESP
2
authentication transform
esp-sha-hmac in the transform set proposal1.
There are complex rules defining which entries you
can use for the transform arguments. These rules are
explained in the command description for the crypto
ipsec transform-set command. You can also use the
crypto ipsec transform-set? command, in global
configuration mode, to view the available transform
arguments.
- Cisco 7100 Series VPN 1
- Configuration Guide 1
- Preface vii 3
- Audience 4
- Organization 5
- Related Documentation 6
- Preface xi 7
- Conventions 8
- Cisco Connection Online 9
- Documentation CD-ROM 10
- Using Cisco IOS Software 11
- Getting Help 12
- Finding Command Options 13
- • controller t1 1 13
- Understanding Command Modes 18
- Summary of Main Command Modes 19
- Router(config-if)# 20
- Router(config-subif)# 20
- Saving Configuration Changes 21
- Saving Configuration Changes 22
- Before You Begin 23
- Considerations 25
- Before You Begin 2-5 27
- Assumptions 29
- Intranet VPN Business 31
- Scenario 31
- Scenario Description 32
- Step 1—Configuring the Tunnel 34
- Step 1—Configuring the Tunnel 35
- Step 3—Configuring Encryption 41
- Configuring IKE Policies 43
- Creating Policies 44
- • RSA signatures method: 45
- Configuring Preshared Keys 46
- Verifying IKE Policies 48
- Configuring IPSec 49
- Creating Crypto Access Lists 51
- Verifying Crypto Access Lists 51
- Defining Transform Sets 52
- Step 3—Configuring Encryption 54
- Verifying Transform Sets 55
- Creating Crypto Map Entries 58
- Verifying Crypto Map Entries 59
- To verify the configuration: 65
- Extranet VPN Business 73
- 67890 address 172.17.2.4 83
- Tunnel mode 88
- Transport mode 88
- Configuring Crypto Maps 89
- Configuring Crypto Maps 93
Verwandte Produkte und Handbücher für Vernetzung Cisco 7100 Series
Vernetzung Cisco VPN 3000 Bedienungsanleitung
(25 Seiten)
(25 Seiten)
Vernetzung Cisco 1802W Bedienungsanleitung
(40 Seiten)
(40 Seiten)
Vernetzung Cisco 4500M Installationsanleitung
(32 Seiten)
(32 Seiten)
Vernetzung Cisco VPN 3000 Betriebsanweisung
(502 Seiten)
(502 Seiten)
Vernetzung Cisco EF3116 Bedienungsanleitung
(8 Seiten)
(8 Seiten)
Vernetzung Cisco 826 Bedienungsanleitung
(8 Seiten)
(8 Seiten)
Vernetzung Cisco 1861 Bedienungsanleitung
(13 Seiten)
(13 Seiten)
Vernetzung Cisco TES301 Bedienungsanleitung
(52 Seiten)
(52 Seiten)
Vernetzung Cisco MGBSX1 Bedienungsanleitung
(16 Seiten)
(16 Seiten)
Vernetzung Cisco PA-2FE-TX Spezifikationen
(60 Seiten)
(60 Seiten)
Vernetzung Cisco 880 Series Bedienungsanleitung
(18 Seiten)
(18 Seiten)
Vernetzung Cisco EPC3825 Bedienungsanleitung
(8 Seiten)
(8 Seiten)
Vernetzung Cisco DPC3008 Betriebsanweisung
(44 Seiten)
(44 Seiten)
© 2020, manymanuals.de. Alle Rechte vorbehalten. | 0.054 s |
Manymanuals.com
Manymanuals.de
Manymanuals.fr
Manymanuals.it
Manymanuals.pl
Manymanuals.cz
Manymanuals.es
Manymanuals-pt.com
Kommentare zu diesen Handbüchern