C H A P T E R 9
Configuring IPSec Network Security
Displaying SSH Protocol Status
SSH Authentication Using Digital Certificates
Passwordless File copy and SSH
About IPsec
168
About IKE
169
IPsec Prerequisites
170
Using IPsec
170
IPsec Compatibility
170
IPsec and IKE Terminology
Supported IPsec Transforms and Algorithms
Supported IKE Transforms and Algorithms
IPsec Digital Certificate Support
Implementing IPsec Without CAs and Digital Certificates
Implementing IPsec with CAs and Digital Certificates
How CA Certificates Are Used by IPsec Devices
Manually Configuring IPsec and IKE
About IKE Initialization
Enabling IKE
177
About the IKE Domain
Configuring the IKE Domain
About IKE Tunnels
178
About IKE Policy Negotiation
Configuring an IKE Policy
Optional IKE Parameter Configuration
Configuring the Lifetime Association for a Policy
Configuring the Keepalive Time for a Peer
Configuring the Initiator Version
Clearing IKE Tunnels or Domains
Refreshing SAs
184
Crypto IPv4-ACLs
184
About Crypto IPv4-ACLs
Crypto IPv4-ACL Guidelines
161
162
163
167
171
172
173
173
175
176
176
177
177
178
179
181
182
183
183
184
184
185
Cisco MDS 9000 Series Security Configuration Guide, Release 8.x
173
174
Contents
xi