[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [FW-1] CiSCO Commands for "Use Perfect Forward Secrecy"
Hello gurus of the list, This may be an Off-Topic so I apologize. I just have a quick question. Is there a way to create a VPN tunnel between a CP VPN-1 v4.1 SP3 and with a CiSCO Router by *enabling* "Use perfect Forward Secrecy" of the Firewall? I have established a VPN tunnel, but I really don't know if there are appropriate commands for the CiSCO Router to support this feature. Below are the commands I used on the CiSCO side: Access-list 101 permit ip ..xxx.xxx xxx.xxx.xxx.xxx xxx.xxx.xxx.xxx xxx.xxx.xxx.xxx Access-list 101 permit ip xxx.xxx.xxx.xxx xxx.xxx.xxx.xxx xxx.xxx.xxx.xxx xxx.xxx.xxx.xxx Crypto isakmp policy 10 authentication pre-share encryption des hash md5 group 2 Crypto isakmp key abcdefghij address xxx.xxx.xxx.xxx Crypro ipsec transform-set testset esp-des esp-md5-hmac Crypto map testmap 10 ipsec-isakmp set peer xxx.xxx.xxx.xxx set transform-set testset match address 101 Interface Ethernet 0 Crypto map testmap Cheers, Dimitris. ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [email protected] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [email protected] =================================================
|