CONFIGURING CISCO SITE TO SITE IPSEC VPN WITH DYNAMIC IP ENDPOINT CISCO ROUTERS
Thanks to: http://www.firewall.cx/ ISAKMP (Internet Security Association and Key Management Protocol) and IPSec are essential to building and encrypting the VPN tunnel. ISAKMP, also called IKE (Internet Key Exchange), is the negotiation protocol that allows two hosts to agree on how to build an IPsec security association. ISAKMP negotiation consists of two phases: Phase 1 and Phase 2. Phase 1 creates the first tunnel, which protects later ISAKMP negotiation messages. Phase 2 creates the tunnel that protects data. IPSec then comes into play to encrypt the data using encryption algorithms and provides authentication, encryption and anti-replay services. IPSEC VPN REQUIREMENTS To help make this an easy-to-follow exercise, we have split it into two required steps to get the Site-to-Site IPSec Dynamic IP Endpoint VPN Tunnel to work. These steps are: (1) Configure ISAKMP (ISAKMP Phase 1) (2) Configure IPSec...