SECUR Exam Cram™ 2 (Exam 642-501)

Creating IKE Policies

The IKE policies you configure are in fact security policies that will be used to secure traffic flowing across the IKE Phase 1 tunnel. Remember, no user data traffic flows across the IKE Phase 1 tunnel. This tunnel is simply used to securely negotiate the IKE Phase 2 tunnel, which is another name for the IPSec tunnel.

The commands you use to create an IKE Phase 1 security policy follow:

crypto isakmp policy priority
  encryption {des | 3des}
  hash {sha | md5}
  authentication {rsa-sig | rsa-encr | pre-share}
  group {1 | 2 | 5}
  lifetime seconds

If you are using IOS Release 12.2(13)T or later, you will also see additional encryption options supported for the Advanced Encryption Standard (AES). The AES keywords are {aes | aes ...

Get SECUR Exam Cram™ 2 (Exam 642-501) now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

SECUR Exam Cram™ 2 (Exam 642-501) by Raman Sud, Ken Edelman

Creating IKE Policies

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly