Efficient Networks® Router family Technical Reference Guide
Chapter 5: System Security
Main Mode Example
The following example lists two setup files that configure two routers for an IKE main
mode connection. The two routers are referred to as the home office router and the
branch office router.
The configuration sets up a secure connection between the two routers across a
public network, so the ike peers commands identify the routers by their public IP
addresses. The packets transmitted through this secure connection come from
devices in the home office and branch office networks. These networks use private
addresses, so the packets contain private IP addresses. The ike ipsec policies
commands specify these private source and destination addresses.
This is the file for the home office router:
# Home office example using IKE
# Home router private network addresses are 192.168.16.X
# Home router public address is 192.168.17.200
# Branch router private network addresses are 192.168.19.X
# Branch router public address is 192.168.18.201
# Describe the branch office peer
# IKE main mode is used because the branch office has a fixed IP address
# (192.168.18.201). The shared secret is "ThisIsASecret12345;)"
ike peers add branch_peer
ike peers set mode main branch_peer
ike peers set address 192.168.18.201 branch_peer
ike peers set secret ThisIsASecret12345;) branch_peer
Figure 5-8: Main Mode Example
[Diagram: Home Office Private Network (192.168.16.X), Home Office Router (192.168.17.200), Public Network, Branch Office Router (192.168.18.201), Branch Office Private Network (192.168.19.X)]
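A main mode tunnel with a shared secret only comes up when both setup files agree: each ike peers entry must name the other router's public address, and the mode and secret must match. The following check is an added example, not part of the original guide or the router software. It assumes the ike peers set <field> <value> <peer> word order shown in the file above; the branch entry, the peer name home_peer, and the function names are constructed for illustration.

```python
import hmac
import ipaddress

# Home office peer entry as it appears in the setup file above.
HOME = """ike peers add branch_peer
ike peers set mode main branch_peer
ike peers set address 192.168.18.201 branch_peer
ike peers set secret ThisIsASecret12345;) branch_peer"""

# Constructed branch office entry (hypothetical peer name home_peer) with two
# deliberate mistakes: a mistyped peer address and a secret missing one digit.
BRANCH_BAD = """ike peers add home_peer
ike peers set mode main home_peer
ike peers set address 192.168.17.20 home_peer
ike peers set secret ThisIsASecret1234;) home_peer"""

def parse_peers(text):
    """Collect 'ike peers' settings into {peer_name: {field: value}}."""
    peers = {}
    for line in text.splitlines():
        words = line.split()
        if line.lstrip().startswith("#") or words[:2] != ["ike", "peers"]:
            continue
        if words[2:3] == ["add"] and len(words) == 4:
            peers.setdefault(words[3], {})
        elif words[2:3] == ["set"] and len(words) >= 6:
            # ike peers set <field> <value> <peer>: the peer name is the last word
            peers.setdefault(words[-1], {})[words[3]] = " ".join(words[4:-1])
    return peers

def check_pair(home, home_public, branch, branch_public):
    """Compare the two ends of one tunnel; return a list of findings."""
    findings = []
    for side, peer, other_public in (("home", home, branch_public),
                                     ("branch", branch, home_public)):
        if peer.get("mode") == "main" and "address" not in peer:
            findings.append(f"{side}: main mode peer has no fixed address")
        elif "address" in peer and (ipaddress.ip_address(peer["address"])
                                    != ipaddress.ip_address(other_public)):
            findings.append(f"{side}: peer address is not the other router's public address")
        if not peer.get("secret"):
            findings.append(f"{side}: no shared secret set")
    if home.get("mode") != branch.get("mode"):
        findings.append("IKE mode differs between the two files")
    if not hmac.compare_digest(home.get("secret", "").encode(),
                               branch.get("secret", "").encode()):
        findings.append("shared secret differs between the two files")
    return findings
```

Running check_pair on the two parsed entries with the public addresses 192.168.17.200 and 192.168.18.201 reports the mistyped branch peer address and the secret mismatch before either file is loaded onto a router.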