24 Jan 2010

GRE Tunnel w/ IPsec protection, (and ISAKMP association using RSA keys)



1. Generate an RSA Public Key for our router.
#crypto key generate rsa general-keys label R1

Here you can see the generated key. Do the above for also R2, and copy paste their public keys to each other in next step.
#sh crypto key mypubkey rsa
% Key pair was generated at: 12:35:34 UTC Jan 24 2010
Key name: R1
Usage: General Purpose Key
Key is not exportable.
Key Data:
305C300D 06092A86 4886F70D 01010105 00034B00 30480241 00D35594 62FB3925
22EBD28E A64B12A7 2D0D44C1 DD28F9BF 8BA52834 516FC231 F1791352 A90ADEE0
A61E77C7 5F132B9E 11193B08 B338D531 D40EE40D 9699E742 DF020301 0001
% Key pair was generated at: 13:35:36 UTC Jan 24 2010
Key name: R1.server
Usage: Encryption Key
Key is not exportable.
Key Data:
307C300D 06092A86 4886F70D 01010105 00036B00 30680261 00A4764D E3D85AFD
2E9254C0 DBB88E08 CE86FA63 8D82C08C D11F14DF AF9264C9 2F5C1CBC 7081C66D
DFE73BB3 66E5A354 48B73EF0 3773545B F5BACBA7 CEBA55DA 4D3D52A1 0B62BFFD
BA93A21E 9B65D23F 9A843994 FAAEB67E BF565A6F 38A8DC3A D5020301 0001

2. Create a key chain. Addressed to router R2 with its IP address and copy paste its public key in here.
#crypto key pubkey-chain rsa
addressed-key 10.1.1.6
key-string
Enter a public key as a hexidecimal number ....
(PASTE HERE)
and use quit to finish


Download project files for GNS3

No comments:

Post a Comment