- Foundry Router User Guide
Foundry AR-Series Router User Guide
15 - 32 © 2004 Foundry Networks, Inc. June 2004
Step 9: Display dynamic IPSec policies in detail:
Step 10: Configure radius server (applicable only if client authentication is configured in
dynamic IKE policy):
Router1# show crypto dynamic ipsec policy all detail
Policy sales is enabled, User group name sales
Direction is outbound, Action is Apply
Key Management is Automatic
PFS Group is disabled
Match Address:
Protocol is Any
Source ip address (ip/mask/port): (10.0.1.0/255.255.255.0/
any)
Destination ip address (ip/mask/port): (any/any/any)
Proposal of priority 1
Protocol: esp
Mode: tunnel
Encryption Algorithm: aes256(key length=256 bits)
Hash Algorithm: sha1
Lifetime in seconds: 3600
Lifetime in Kilobytes: 4608000
Policy INsales is enabled, User group name sales
Direction is inbound, Action is Apply
Key Management is Automatic
PFS Group is disabled
Match Address:
Protocol is Any
Source ip address (ip/mask/port): (any/any/any)
Destination ip address (ip/mask/port): (10.0.1.0/
255.255.255.0/any)
Proposal of priority 1
Protocol: esp
Mode: tunnel
Encryption Algorithm: aes256(key length=256 bits)
Hash Algorithm: sha1
Lifetime in seconds: 3600
Lifetime in Kilobytes: 4608000
Router1/configure# aaa
Router1/configure/aaa# radius
Router1/configure/aaa/radius# primary_server 172.168.2.1
Primary Radius server configured.
Router1/configure/aaa/radius# secondary_server 192.168.2.1
Secondary Radius server configured.
Router1/configure/aaa/radius# exit
Router1/configure/aaa# exit