From MikroTik Wiki
< Manual:IP
Revision as of 08:09, 19 February 2008 by Eep (talk | contribs) (Protected "IPsec": will be in manual [edit=sysop:move=sysop])
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to navigation Jump to search

IPsec between MikroTik and Cisco PIX in tunnel mode

  • On Cisco PIX firewall:
access-list 101 permit ip
nat (inside) 0 access-list 101
sysopt connection permit-ipsec
crypto ipsec transform-set MySet esp-3des esp-sha-hmac 
crypto map MyMap 1 ipsec-isakmp
crypto map MyMap 1 match address 101
crypto map MyMap 1 set peer
crypto map MyMap 1 set transform-set MySet
crypto map MyMap 10 set security-association lifetime seconds 86400
crypto map MyMap interface outside
isakmp enable outside
isakmp key gsdhg%#@