Manualshelf

- Foundry Router User Guide

ManualsBrandsFoundry Networks ManualsNetwork RouterAR3201
251252253254255256257258259260
Security Features
June 2004 © 2004 Foundry Networks, Inc. 15 - 27
Step16: Repeat steps 1 -15 with suitable modifications on Router2 prior to passing bi-
directional traffic.
Step 17: Test the IPSec tunnel between Router1 and Router2 by passing traffic from the 10.0.1.0
network to the 10.0.2.0 network.
Step 18: After traffic is passed through the tunnel, display the IKE and IPSec SA tables.
Router1# show crypto ike sa all
Policy Peer State Bytes Transform
------ ---- ----- ----- ---------
Router2 172.16.0.2 SA_MATURE 1796 pre-g1-3des-sha1
Router1# show crypto ike sa all detail
Crypto Policy name: Router2
Remote ident 172.16.0.2
Peer Address is 172.16.0.2
Transform: 3des, sha1, pre-shared-key
DH Group: group1
Bytes Processed 1796
State is SA_MATURE
Mode is Main
Remaining Time in Sec: 86380
Life Time in Sec: 86400, Life Time in Bytes is unlimited
Router1# show crypto ipsec sa all
Policy Dest IP Spi Bytes Transform
------ ------- --- ----- ---------
INRouter2 172.16.0.1 0x8eabe4b3 256 esp-aes-sha1-tunl
Router2 172.16.0.2 0xa9a506f9 256 esp-aes-sha1-tunl