Step 6: Display the IKE policies
Networks1> show crypto ike policy all
Step 7: Display the IKE policies in detail
Networks1> show crypto ike policy all detail
Step 8: Configure IPSec tunnel to the remote host
Networks1/configure/crypto> ipsec policy
Networks2 172.16.0.2
Networks1/configure/crypto/ipsec policy Networks2 172.16.0.2> match
address 172.16.0.1 32 10.0.2.0 24
message: Default proposal created with priority1-esp-3des-sha1-tunnel and
activated.
Networks1/configure/crypto> ipsec policy Networks2 172.16.0.2> proposal 1
Networks1/configure/crypto> ipsec policy Networks2 172.16.0.2/proposal -
algorithm aes128-cbc
Networks1/configure/crypto> ipsec policy Networks2 172.16.0.2/proposal 1>
exit
Networks1/configure/crypto> ipsec policy Networks2 172.16.0.2> exit
Note:
For IPSec only – when you create an outbound tunnel, an inbound tunnel is automatically
created. The inbound tunnel applies the name that you provide for the outbound tunnel and
adds the prefix IN to the name.
Step 9: Display IPSec policies
Networks1> show crypto ipsec policy all
Avaya Secure Router 1000 Series Configuration Guide
Example 2: Joining Two Private Networks with an IP Security Tunnel
December 2010
145