RE: IPSec Dynamic

From: Wayne Hu (whu@xxxxxxxxxx)
Date: Tue Nov 07 2000 - 11:45:03 GMT-3

• Next message: Sam Munzani: "Re: RIP summary routes?"
• Previous message: Foster, Kristopher: "RE: Warning:Mailing_List_Action"
• Maybe in reply to: Tony Olzak: "IPSec Dynamic"
• Next in thread: Tony Olzak: "Re: IPSec Dynamic"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

   
Mode configuration is used for remote user who doesn't have static public IP
address. Wildcard 0.0.0.0 will allow any body who have a preshared key and
match access-list setup IPSec tunnel.

wayne

-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com]On Behalf Of
Jack Heney
Sent: November 6, 2000 10:52 PM
To: lpd@jacksonville.net; aolzak@buckeye-express.com;
ccielab@groupstudy.com
Subject: RE: IPSec Dynamic

You're right...I was confusing IKE with CA interoperability......I'm a
little confused with the use of dynamic crypto maps...On CCO, it says that a
dynamic map is like a template - It lacks some of the configured options of
a static map. It seems these options could be "set peer" and/or "match
address," as they are deemed optional.....If this is the case, and no peer
or traffic type is indicated, does the router use IPSec if the peer
initiates an IPSec session and allow the trafiic if the peer does not?
jack

>From: "Steve McNutt" <lpd@jacksonville.net>
>To: "Jack Heney" <jheneyccie@hotmail.com>, <aolzak@buckeye-express.com>,
><ccielab@groupstudy.com>
>Subject: RE: IPSec Dynamic
>Date: Mon, 6 Nov 2000 22:35:05 -0500
>
>actually, IKE with pre shared keys is the easiest way to set up a basic
>tunnel. don't have to generate hashes or any of that nonsense.
>
>-----Original Message-----
>From: Jack Heney [mailto:jheneyccie@hotmail.com]
>Sent: Monday, November 06, 2000 10:32 PM
>To: lpd@jacksonville.net; aolzak@buckeye-express.com;
>ccielab@groupstudy.com
>Subject: RE: IPSec Dynamic
>
>
>If I have to set up IKE I am going to cry. Seriously.
>Jack
>
>
> >From: "Steve McNutt" <lpd@jacksonville.net>
> >Reply-To: "Steve McNutt" <lpd@jacksonville.net>
> >To: "Tony Olzak" <aolzak@buckeye-express.com>, <ccielab@groupstudy.com>
> >Subject: RE: IPSec Dynamic
> >Date: Mon, 6 Nov 2000 22:11:56 -0500
> >
> >ohmygawd I hope I don't they don't go that deep into ipsec on me hehe.
> >It's
> >a cool feature that I wish FW-1 had though.
> > -----Original Message-----
> > From: nobody@groupstudy.com [mailto:nobody@groupstudy.com]On Behalf Of
> >Tony Olzak
> > Sent: Monday, November 06, 2000 9:39 PM
> > To: ccielab@groupstudy.com
> > Subject: IPSec Dynamic
> >
> >
> > Does anyone have a sample config for IPSec with dynamic maps?
> >
> >
> > Tony
> >
>

• Next message: Sam Munzani: "Re: RIP summary routes?"
• Previous message: Foster, Kristopher: "RE: Warning:Mailing_List_Action"
• Maybe in reply to: Tony Olzak: "IPSec Dynamic"
• Next in thread: Tony Olzak: "Re: IPSec Dynamic"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Thu Jun 13 2002 - 08:25:42 GMT-3