From: Peng Li (lipeng@xxxxxxxxxx)
Date: Sun Sep 09 2001 - 19:38:21 GMT-3
----- Original Message -----
From: Peng Li
To:
Sent: Sunday, September 09, 2001 8:51 AM
Subject: IPsec in CCIE Lab Practice Kit by Stephen Hutnik
Hi, I tried the this part and got confused with IP sec.
2 questions about IPsec on the senario,
1. The question 1 askes to use two router's loop interface as peer, the solutio
n is to make the ISA key add and the IPsec set peer add to the same loop . it's
ok for this one.
2. the second question askes to use a second key and peer with serial interface
, the solution just adds one more line with Isa key add to serial add and new k
ey. This is not working.
My question:
ISA key add must be same as IPsec's peer's. Because the one of major function f
or ISA is help the IPsec to authenticate the Peers(which is identified by add).
If you use IPsec local-add loop 0, its not possible to use the serial interface
add as peers as the book says.
Any one tried this?
If someone interested with this but don't have the book, I'd like to send detai
ls later upon demand.
Tks.
**Please read:http://www.groupstudy.com/list/posting.html
This archive was generated by hypermail 2.1.4 : Thu Jun 13 2002 - 10:32:16 GMT-3