Summary
This chapter showed you the basics of setting up ISAKMP/IKE Phase 1. The defining of the policy statements on a router is straightforward. With three types of device authentication to choose from, pre-shared keys is the simplest to configure but scales the least; certificates are the hardest to implement, but scale the best. And with the ability of a Cisco router to function as a CA, you can deploy certificate services easily using existing equipment.
Next up is Chapter 17, “Router Site-to-Site Connections,” where I show you how to configure your router to establish various types of site-to-site sessions with remote peers, covering topics such as static and dynamic crypto maps, the Tunnel Endpoint Discovery (TED) protocol, dynamic multipoint ...
Get The Complete Cisco VPN Configuration Guide now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
