NETWORK PRESENCE ABOUT SERVICES PRODUCTS TRAINING CONTACT US SEARCH SUPPORT
 


Search
display results
words begin  exact words  any words part 

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[FW-1] CiSCO Commands for "Use Perfect Forward Secrecy"



Hello gurus of the list,

This may be an Off-Topic so I apologize. I just have a quick question. Is there a way to create a VPN tunnel between a CP
VPN-1 v4.1 SP3 and with a CiSCO Router by *enabling* "Use perfect Forward Secrecy" of the Firewall? I have established a
VPN tunnel, but I really don't know if there are appropriate commands for the CiSCO Router to support this feature.

Below are the commands I used on the CiSCO side:

Access-list 101 permit ip ..xxx.xxx xxx.xxx.xxx.xxx xxx.xxx.xxx.xxx xxx.xxx.xxx.xxx
Access-list 101 permit ip xxx.xxx.xxx.xxx xxx.xxx.xxx.xxx xxx.xxx.xxx.xxx xxx.xxx.xxx.xxx

Crypto isakmp policy 10
 authentication pre-share
 encryption des
 hash md5
 group 2

Crypto isakmp key abcdefghij address xxx.xxx.xxx.xxx
Crypro ipsec transform-set testset esp-des esp-md5-hmac

Crypto map testmap 10 ipsec-isakmp
 set peer xxx.xxx.xxx.xxx
 set transform-set testset
 match address 101

Interface Ethernet 0
 Crypto map testmap


Cheers,

Dimitris.

=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to [email protected]
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
[email protected]
=================================================



 
----------------------------------

ABOUT SERVICES PRODUCTS TRAINING CONTACT US SEARCH SUPPORT SITE MAP LEGAL
   All contents © 2004 Network Presence, LLC. All rights reserved.