CCSP Self-Study: Securing Cisco IOS Networks (SECUR)

Configuring IPSec Manually

You can configure your keys manually. This section provides a brief discussion of how to do this and also details why manual key use is not generally recommended.

Use the set session-key command in crypto map configuration mode to manually specify the IPSec session keys within a crypto map entry. Use the no form of this command to remove IPSec session keys from a crypto map entry. This command is only available for ipsec-manual crypto map entries. The command has the following syntax:

					set session-key {inbound | outbound} ah
					spi hex-key-string
					set session-key {inbound | outbound} esp
					spi
					cipher
					hex-key-string [authenticator
					
					hex-key-string]

inbound— Sets the inbound IPSec session key. (You must set both inbound and ...

Get CCSP Self-Study: Securing Cisco IOS Networks (SECUR) now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

CCSP Self-Study: Securing Cisco IOS Networks (SECUR) by John F. Roland

Configuring IPSec Manually

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly