IPSec EXAMPLES
Step 8: Configure the IPSec tunnel to the remote host
Networks1/configure/crypto> ipsec policy
Networks2 172.16.0.2
Networks1/configure/crypto/ipsec/policy Networks2
172.16.0.2> match address 10.0.1.0 24 10.0.2.0 24
message: Default proposal created with
priority1-esp-3des-sha1-tunnel and activated.
Networks1/configure/crypto/ipsec/policy Networks2
172.16.0.2> proposal 1
Networks1/configure/crypto/ipsec/policy Networks2
172.16.0.2/proposal 1> encryption-algorithm des-cbc
Networks1/configure/crypto/ipsec/policy Networks2
172.16.0.2/proposal 1> exit
Networks1/configure/crypto/ipsec/policy Networks2
172.16.0.2> proposal 2
message: Proposal added with
priority2-esp-3des-sha1-tunnel.
Networks1/configure/crypto/ipsec/policy Networks2
172.16.0.2/proposal 2> encryption-algorithm aes256-cbc
Networks1/configure/crypto/ipsec/policy Networks2
172.16.0.2/proposal 2> exit
Networks1/configure/crypto/ipsec/policy Networks2
172.16.0.2> exit
Networks1/configure/crypto> exit
Networks1/configure>
Note:
For IPSec only – when you create an outbound tunnel, an inbound tunnel is automatically
created. The inbound tunnel applies the name that you provide for the outbound tunnel and
adds the prefix IN to the name.
Step 9: Display the IPSec policies
Networks1> show crypto ipsec policy all
Step 10: Display IPSec policies in detail
Networks1> show crypto ipsec policy all detail
140
Avaya Secure Router 1000 Series Configuration Guide
December 2010