SECUR Exam Cram™ 2 (Exam 642-501)

Configuring ISAKMP Identity

When IPSec peers authenticate one another during IKE Phase 1 negotiations using a preshared key, the peers also use either an IP address or hostname to authenticate each other. You should set the router's identity to an IP address if you will use only one interface to establish a tunnel with the remote peer. However, if you want to use multiple interfaces to establish an IPSec tunnel, you should set the router's identity to its hostname. The command syntax to configure the router's identity is

Router(config)# crypto isakmp identity {address | hostname}

For example, if you want to use the router's hostname along with the preshared key to perform authentication, use the following command:

 Router(config)# crypto isakmp ...

Get SECUR Exam Cram™ 2 (Exam 642-501) now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

SECUR Exam Cram™ 2 (Exam 642-501) by Raman Sud, Ken Edelman

Configuring ISAKMP Identity

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly