ISAKMP/IKE Phase 1 Policies

One of the first steps you’ll take in setting up IPsec—L2L or remote access—is to define your ISAKMP policies for your ISAKMP/IKE Phase 1 management connection. The following subsections will discuss how to create your policies and the following section will define how to configure the device authentication information you’ve chosen for your Phase 1 policies.

Enabling ISAKMP

If you have a router with the IPsec feature, ISAKMP/IKE is enabled by default. To enable or disable it, use the following command:

Router(config)# [no] crypto isakmp enable

You need to disable ISAKMP/IKE only if the remote peers do not support it, in which case you’ll have to configure all parameters and keys for the data connection manually ...

Get The Complete Cisco VPN Configuration Guide now with the O’Reilly learning platform.

O’Reilly members experience live online training, plus books, videos, and digital content from nearly 200 publishers.