Crypto IPsec Ikev2

Site-to-Site VPN Tunnel using crypto IPsec IKEV2. Very important to not lose track of names

crypto ikev2 keyring ANYNAME-THAT-HELPS-KEEP-TRACK
 peer ANYNAME-THAT-HELPS-KEEP-TRACK
  address 0.0.0.0 0.0.0.0
  identity key-id ANYNAME-THAT-HELPS-KEEP-TRACK
  pre-shared-key local 6 GIBBERISH
  pre-shared-key remote 6 GIBBERISH
 !
!
crypto ikev2 profile ANYNAME-THAT-HELPS-KEEP-TRACK
 match identity remote key-id ANYNAME-THAT-HELPS-KEEP-TRACK
 identity local key-id LOCAL-ROUTER-NAME
 authentication remote pre-share
 authentication local pre-share
 keyring local ANYNAME-THAT-HELPS-KEEP-TRACK
 dpd 10 3 periodic
 nat keepalive 30
!
crypto logging ikev2
!
crypto isakmp aggressive-mode disable
!
crypto ipsec security-association idle-time 60
!
crypto ipsec transform-set SET-NAME esp-aes 256
 mode transport
!
crypto ipsec profile ANYNAME-THAT-HELPS-KEEP-TRACK
 set transform-set SET-NAME
 set ikev2-profile ANYNAME-THAT-HELPS-KEEP-TRACK
!
interface Tunnel1
 tunnel source GigabitEthernet0/0/0
 tunnel destination X.X.X.X
 tunnel protection ipsec profile ANYNAME-THAT-HELPS-KEEP-TRACK
 crypto ipsec df-bit clear
!

Crypto IPsec Ikev2

Tags

Related Post

Secure Tunnel Over SSH

BGP Confederations

Cisco Nexus vPC links

Well Known BGP Communities

Precious Metal Comparator