cisco_l2l_ipsec_-_new
Differences
This shows you the differences between two versions of the page.
| Both sides previous revisionPrevious revision | |||
| cisco_l2l_ipsec_-_new [2024/07/14 21:37] – old revision restored (2024/07/14 13:04) 52.230.152.101 | cisco_l2l_ipsec_-_new [2024/07/14 23:57] (current) – old revision restored (2024/07/14 17:34) 52.230.152.95 | ||
|---|---|---|---|
| Line 2: | Line 2: | ||
| For manamgement purposes - negotiation of new keys, health status, variables\\ | For manamgement purposes - negotiation of new keys, health status, variables\\ | ||
| This is the management channel, and the first thing that gets created - the policy set, nothing but negotiation of param (how to secure, how to auth, encypt algo, key-lifetime).\\ | This is the management channel, and the first thing that gets created - the policy set, nothing but negotiation of param (how to secure, how to auth, encypt algo, key-lifetime).\\ | ||
| - | This is an agreement of how to do crypto. If the param are OK on both sides, we have achevied Phase 1\\ | + | This is an agreement of how to do crypto. |
| + | If the policy | ||
| show crypto isakmp sa\\ | show crypto isakmp sa\\ | ||
| Line 9: | Line 11: | ||
| The goal is to create IPSEC SA\\ | The goal is to create IPSEC SA\\ | ||
| The transform set - how to secure the end user data. When the transform set param are the same on both ends, we will then have 2 IPSEC SA (inbound and outbound)\\ | The transform set - how to secure the end user data. When the transform set param are the same on both ends, we will then have 2 IPSEC SA (inbound and outbound)\\ | ||
| + | If IPSEC is down, transform set needs to be checked.\\ | ||
| When Phase 1 and Phase 2 are completed we will then have 3 SA:\\ | When Phase 1 and Phase 2 are completed we will then have 3 SA:\\ | ||
cisco_l2l_ipsec_-_new.txt · Last modified: 2024/07/14 23:57 by 52.230.152.95