Threat intelligence is often discussed, but rarely understood. Starting with a precise definition, along with clear business goals, is essential.
IKE Phase I Parameters Mode: Main mode Encryption: AES (128 bit) Integrity: SHA1 Diffie-Hellman group: Group 2 (1024 bit) Authentication Method: Pre-shared secret (32 characters in length minimum) Security Association Lifetime: 28800 seconds IKE Phase II Parameters Mode: ESP tunnel mode Encryption: AES (128 bit) Integrity: SHA1 Perfect Forward Secrecy: ON Diffie-Hellman group: Group 2 (1024 bit) Time Rekeying: ON Kbyte Rekeying: OFF Security Association Lifetime: 3600 seconds
crypto isakmp policy 10 encr aes authentication pre-share group 2 crypto isakmp key xxxxxxx address x.x.x.x (vcloud ip) no-xauth crypto ipsec transform-set 3DES-SHA esp-3des esp-sha-hmac access-list 100 permit ip 192.168.2.0 0.0.0.255 10.249.18.0 0.0.0.255 (lan to vcloud) access-list 100 permit ip 10.249.18.0 0.0.0.255 192.168.2.0 0.0.0.255 (vcloud to lan) crypto map PFSVPN 15 ipsec-isakmp set peer x.x.x.x (vcloud ip) set transform-set 3DES-SHA set pfs group2 match address 100 interface FastEthernet0/0 (interface that has the WAN) crypto map PFSVPN
Join the community of 500,000 technology professionals and ask your questions.
Connect with top rated Experts
13 Experts available now in Live!