I am studying for my CSS-1. The one area I am struggling with is IPsec and IKE. I took an example from Cramsession.com's MCNS study guide. There are similiar examples in the MCNS Cisco press book and the PIX advanced CIsco Press book.
Here are the IPsec commands: crypto ipsec trasform-set testset1 esp-des esp-sha-hmac crypto map testmap1 10 ipsec-isakmp crypto map testmap1 10 match address 102 crypto map testmap1 10 set peer 209.223.140.2 crypto map testmap1 10 set tranform set testset1 Here are the IKE commands: isakmp enable outside isamkmp policy 21 isamkmp policy 21 encryption des isamkmp policy 21 hash sha isamkmp policy 21 authentication rsa-sig isamkmp policy 21 group 2 isamkmp policy 21 lifetime 4000 Here is how I understand the relationship between IPSec and IKE. If it is IKE's job to make IPSec configuration and management easier, then why do you have to configure all the commands for IPSec AND IKE? Wouldn't you just configure IPSec if you weren't using IKE and if you were using IKE, why do you need to configure IPSec? __________________________________________________ Do You Yahoo!? Yahoo! Games - play chess, backgammon, pool and more http://games.yahoo.com/ Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=42162&t=42162 -------------------------------------------------- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
