Manual:IP/IPsec: Difference between revisions

From MikroTik Wiki
Jump to navigation Jump to search
Eep (talk | contribs)
m Protected "IPsec": will be in manual [edit=sysop:move=sysop]
(No difference)

Revision as of 10:09, 19 February 2008

IPsec between MikroTik and Cisco PIX in tunnel mode

  • On Cisco PIX firewall:
access-list 101 permit ip 192.168.0.0 255.255.255.0 192.168.1.0 255.255.255.0
nat (inside) 0 access-list 101
!
sysopt connection permit-ipsec
!
crypto ipsec transform-set MySet esp-3des esp-sha-hmac 
!
crypto map MyMap 1 ipsec-isakmp
crypto map MyMap 1 match address 101
crypto map MyMap 1 set peer 10.11.0.2
crypto map MyMap 1 set transform-set MySet
crypto map MyMap 10 set security-association lifetime seconds 86400
crypto map MyMap interface outside
!
isakmp enable outside
isakmp key gsdhg%#@