An Introduction To IP Security (IPSec) Encryption - Cisco

12/9/2015
AnIntroductiontoIPSecurity(IPSec)EncryptionCisco
AnIntroductiontoIPSecurity(IPSec)Encryption
Updated: May19,2008
Contents
Introduction
Prerequisites
Requirements
ComponentsUsed
Conventions
Background
CryptoLingo(Vocabulary)
ConfigureISAKMP
1.PreSharedKeys
2.UseaCA
ConfigureIPsec
CreateExtendedACL
CreateIPsecTransform(s)
CreateCryptoMap
ApplyCryptoMaptoInterface
MemoryandCPUConsiderations
OutputfromshowCommands
IKERelatedOutput
IPsecRelatedshowCommands
SampleConfigurations
NetworkDiagram
Configurations
DebugInformation
ImplementationTipsforIPsec
HelpandRelevantLinks
IPsecInformation
MoreSampleConfigurationsforIPsec
References
RelatedInformation
Introduction
ThisdocumentintroducesIPsectousersinarapid,butconciseformat.Thisdocumentcontainsbasic
configurationsofInternetKeyExchange(IKE)withpresharedkeys,IKEwithaCertificationAuthority,andIPsec.
http://www.cisco.com/c/en/us/support/docs/securityvpn/ipsecnegotiationikeprotocols/16439IPSECpart8.html
1/26
12/9/2015
Thisisnotanexhaustivedocument.But,thisdocumentdoeshelpyoutounderstandthetasksandtheorderin
whichtheyareaccomplished.
Warning:Therearesevererestrictionsontheexportofstrongcryptography.IfyouviolateU.S.Federal
Law,thenyou,notCisco,areheldaccountable.Ifyouhaveanyquestionsrelatedtoexportcontrol,sendandE
mailtoexport@cisco.com.
Note:MulticastandBroadcastarenotsupportedonnormalLANtoLANtunnelsoronVPNclientsthatterminate
onanydevices.MulticastcanbepassedonlyonGREtunnels.ThisissupportedonlyonroutersandnotonVPN
3000Concentratorsorfirewalls(ASA/PIX).
Prerequisites
Requirements
Therearenospecificrequirementsforthisdocument.
ComponentsUsed
Thisdocumentisnotrestrictedtospecificsoftwareandhardwareversions.
Conventions
RefertoCiscoTechnicalTipsConventionsformoreinformationondocumentconventions.
Background
IPsecisthenextgenerationnetworklayercryptoplatformfortheCiscosecurityplatforms(CiscoIOSSoftware,
PIX,andsoforth).OriginallydescribedinRFCs1825through1829,whicharenowobsolete,IPseciscurrently
discussedinanumberofdocumentspresentedbytheIETFIPSecurityWorkingGroup .IPseccurrently
supportsIPversion4unicastpackets.IPv6andmulticastsupportistoarriveatalatertime.
IPsechasthesestrengthsovercurrentCiscocryptoofferings:
MultivendorSincetheIPsecframeworkisstandardized,customersarenotlockedintoanyspecificvendor
product.IPsecisfoundonrouters,firewalls,andclientdesktops(Windows,Mac,andsoforth).
ScalabilityIPsecisdesignedwithlargeenterprisesinmind.Therefore,ithasbuiltinkeymanagement.
Note:WhileseveralCiscoplatformscanuseIPsec,thisdocumentisgearedtowardsCiscoIOSsoftware.
CryptoLingo(Vocabulary)
YouneedtoknowthesetermsinordertounderstandIPsec,andtoreadtherestofthisdocument.Whenyousee
acronymsinotherportionsofthisdocument,refertothispagefordefinitions.
AdvancedEncryptionStandard(AES)AESwasfinalizedasaFederalInformationProcessingStandard
(FIPS)approvedcryptographicalgorithmtobeusedinordertoprotectelectronicdatatransmission(FIPSPUB
197).AESisbasedontheRijndaelalgorithm,whichspecifieshowtousekeyswithalengthof128,192,or256
bitstoencryptblockswithalengthof128,192,or256bits.Allninecombinationsofkeylengthandblocklength
arepossible.
AuthenticationHeader(AH)Thisisasecurityprotocolthatprovidesauthenticationandoptionalreplay
detectionservices.AHisembeddedinthedatatobeprotected,forexample,afullIPdatagram.AHcanbeused
eitherbyitselforwithEncryptionServicePayload(ESP).RefertotheRFC2402 .
AuthenticationThisisoneofthefunctionsoftheIPsecframework.Authenticationestablishestheintegrityof
datastreamandensuresthatitisnottamperedwithintransit.Italsoprovidesconfirmationaboutdatastream
origin.
2/26
12/9/2015
CertificationAuthority(CA)Thisisathirdpartyentitywiththeresponsibilitytoissueandrevokecertificates.
EachdevicethathasitsowncertificateandpublickeyoftheCAcanauthenticateeveryotherdevicewithina
givenCAdomain.Thistermalsoappliestoserversoftwarethatprovidestheseservices.
CertificateAcryptographicallysignedobjectthatcontainsanidentityandapublickeyassociatedwiththis
identity.
ClassiccryptoThisisCiscoproprietaryencryptionmechanismusedinCiscoIOSSoftwareRelease11.2.
ClassiccryptoisavailableinCiscoIOSSoftwareRelease11.3.But,IPsecisnotretrofittedtoCiscoIOS
SoftwareRelease11.2.YoucanalsoseethenameclassiccryptoreferredtoasEncryptionExpressorCisco
EncryptionTechnology(CET)inthemarketingliterature.
CertificateRevocationList(CRL)Thisisadigitallysignedmessagethatlistsallofthecurrentbutrevoked
certificateslistedbyagivenCA.Thisisanalogoustoabookofstolenchargecardnumbersthatallowstoresto
rejectbadcreditcards.
CryptomapThisisaCiscoIOSsoftwareconfigurationentitythatperformstwoprimaryfunctions.First,it
selectsdataflowsthatneedsecurityprocessing.Second,itdefinesthepolicyfortheseflowsandthecryptopeer
thattrafficneedstogoto.
Acryptomapisappliedtoaninterface.Theconceptofacryptomapwasintroducedinclassiccryptobutwas
expandedforIPsec.
DataintegrityThisisdataintegritymechanisms,throughtheuseofsecretkeybasedorpublickeybased
algorithms,thatallowtherecipientofapieceofprotecteddatainordertoverifythatthedatahasnotbeen
modifiedintransit.
DataconfidentialityThisisthemethodwhereprotecteddataismanipulatedsothatnoattackercanreadit.
Thisiscommonlyprovidedbydataencryptionandkeysthatareonlyavailabletothepartiesinvolvedinthe
communication.
DataoriginauthenticationThisisasecurityservicewherethereceivercanverifythatprotecteddatamight
haveoriginatedonlyfromthesender.Thisservicerequiresadataintegrityserviceplusakeydistribution
mechanism,whereasecretkeyissharedonlybetweenthesenderandreceiver.
DataEncryptionStandard(DES)TheDESwaspublishedin1977bytheNationalBureauofStandardsandisa
secretkeyencryptionschemebasedontheLuciferalgorithmfromIBM.ThecontrastofDESispublickey.Cisco
usesDESinclassiccrypto(40bitand56bitkeylengths),IPseccrypto(56bitkey),andonthePIXFirewall(56
bitkey).
DiffieHellmanThisisamethodoftheestablishmentofasharedkeyoveraninsecuremedium.DiffieHellman
isacomponentofOakley,whichisdefinedinthisdefinitionlist.
DSSAdigitalsignaturealgorithmdesignedbyTheUSNationalInstituteofStandardsandTechnology(NIST)
basedonpublickeycryptography.DSSdoesnotdouserdatagramencryption.DSSisacomponentinclassic
crypto,aswellastheRedcreekIPseccard,butnotinIPsecimplementedinCiscoIOSsoftware.
EncryptionServiceAdapter(ESA)Thisisahardwarebasedencryptionacceleratorthatisusedin:
Cisco7204and7206routers
SecondgenerationVersatileInterfaceProcessor240s(VIP240s)inallCisco7500seriesrouters
VIP240intheCisco7000seriesroutersthathavetheCisco7000seriesRouteSwitchProcessor(RSP7000)
andCisco7000seriesChassisInterface(RSP7000CI)cardsinstalled.
IPsecdoesnotusetheESAacceleration,butitdoesworkinaboxthathasanESAcardonasoftwareonly
basis.
EncapsulatingSecurityPayload(ESP)Asecurityprotocolthatprovidesdataconfidentialityandprotection
withoptionalauthenticationandreplaydetectionservices.ESPcompletelyencapsulatesuserdata.ESPcanbe
usedeitherbyitselforinconjunctionwithAH.RefertoRFC2406:IPEncapsulatingSecurityPayload(ESP) .
HashThisisaonewayfunctionthattakesaninputmessageofarbitrarylengthandproducesafixedlength
digest.CiscousesbothSecureHashAlgorithm(SHA)andMessageDigest5(MD5)hasheswithinour
implementationoftheIPsecframework.SeethedefinitionforHMACformoreinformation.
HMACThisisamechanismformessageauthenticationthatusescryptographichashessuchasSHAandMD5.
3/26
12/9/2015
RefertoRFC2104
foranexhaustivediscussionofHMAC.
InternetKeyExchange(IKE)AhybridprotocolthatusespartOakleyandpartofanotherprotocolsuitecalled
SKEMEinsidetheInternetSecurityAssociationandKeyManagementProtocol(ISAKMP)framework.IKEis
usedtoestablishasharedsecuritypolicyandauthenticatedkeysforservices,suchasIPsec,thatrequirekeys.
BeforeanyIPsectrafficcanbepassed,eachrouter/firewall/hostmustbeabletoverifytheidentityofitspeer.
Manuallyenterpresharedkeysintobothhosts,byaCAservice,ortheforthcomingsecureDNS(DNSSec)in
ordertodothis.ThisistheprotocolformerlyknownasISAKMP/Oakley,andisdefinedinRFC2409:TheInternet
KeyExchange(IKE) .ApotentialpointofconfusionisthattheacronymsISAKMPandIKEarebothusedin
CiscoIOSsoftwareinordertorefertothesamething.Thesetwoitemsaresomewhatdifferent.
InternetSecurityAssociationandKeyManagementProtocol(ISAKMP)Thisisaprotocolframeworkthat
definesthemechanicsoftheimplementationofakeyexchangeprotocolandnegotiationofasecuritypolicy.
ISAKMPisdefinedintheInternetSecurityAssociationandKeyManagementProtocol(ISAKMP).
IPsecNATTransparencyTheIPsecNATTransparencyfeatureintroducessupportforIPSecurity(IPsec)
traffictotravelthroughNetworkAddressTranslation(NAT)orPointAddressTranslation(PAT)pointsinthe
networkbyaddressingmanyknownincompatibilitiesbetweenNATandIPsec.NATTraversalisafeaturethatis
autodetectedbyVPNdevices.TherearenoconfigurationstepsforarouterthatrunsCiscoIOSSoftware
Release12.2(13)Tandlater.IfbothVPNdevicesareNATTcapable,NATTraversalisautodetectedandauto
negotiated.
ISAKMP/OakleySeeIKE.
MessageDigest5(MD5)Thisisaonewayhashingalgorithmthatproducesa128bithash.BothMD5and
SecureHashAlgorithm(SHA)arevariationsonMD4,whichisdesignedtostrengthenthesecurityofthishashing
algorithm.SHAismoresecurethanMD4andMD5.CiscouseshashesforauthenticationwithintheIPsec
framework.
OakleyThisisakeyexchangeprotocolthatdefineshowtoacquireauthenticatedkeyingmaterial.Thebasic
mechanismforOakleyistheDiffieHellmankeyexchangealgorithm.YoucanfindthestandardinRFC2412:The
OAKLEYKeyDeterminationProtocol .
PerfectForwardSecrecy(PFS)PFSensuresthatagivenIPsecSAkeywasnotderivedfromanyother
secret,likesomeotherkeys.Inotherwords,ifsomeonebreaksakey,PFSensuresthattheattackerisnotable
toderiveanyotherkey.IfPFSisnotenabled,someonecanpotentiallybreaktheIKESAsecretkey,copyallthe
IPsecprotecteddata,andthenuseknowledgeoftheIKESAsecretinordertocompromisetheIPsecSAssetup
bythisIKESA.WithPFS,breakingIKEdoesnotgiveanattackerimmediateaccesstoIPsec.Theattacker
needstobreakeachIPsecSAindividually.TheCiscoIOSIPsecimplementationusesPFSgroup1(DH768bit)
bydefault.
ReplaydetectionThisisasecurityservicewherethereceivercanrejectoldorduplicatepacketsinorderto
defeatreplayattacks.Replayattacksrelyontheattackertosendoutolderorduplicatepacketstothereceiver
andthereceivertothinkthatthebogustrafficislegitimate.Replaydetectionisdonebytheuseofsequence
numberscombinedwithauthentication,andisastandardfeatureofIPsec.
RSAThisisapublickeycryptographicalgorithm,namedafteritsinventors,Rivest,ShamirandAdleman,witha
variablekeylength.ThemainweaknessofRSAisthatitissignificantlyslowtocomputecomparedtopopular
secretkeyalgorithms,suchasDES.CiscoIKEimplementationusesaDiffieHellmanexchangeinordertoget
thesecretkeys.ThisexchangecanbeauthenticatedwithRSA,orpresharedkeys.WiththeDiffieHellman
exchange,theDESkeynevercrossesthenetwork,noteveninencryptedform,whichisnotthecasewiththe
RSAencryptandsigntechnique.RSAisnotapublicdomain,andmustbelicensedfromRSADataSecurity.
SecurityAssociation(SA)Thisisaninstanceofsecuritypolicyandkeyingmaterialappliedtoadataflow.
BothIKEandIPsecuseSAs,althoughSAsareindependentofoneanother.IPsecSAsareunidirectionaland
theyareuniqueineachsecurityprotocol.AsetofSAsareneededforaprotecteddatapipe,oneperdirectionper
protocol.Forexample,ifyouhaveapipethatsupportsESPbetweenpeers,oneESPSAisrequiredforeach
direction.SAsareuniquelyidentifiedbydestination(IPsecendpoint)address,securityprotocol(AHorESP),and
securityparameterindex(SPI).
IKEnegotiatesandestablishesSAsonbehalfofIPsec.AusercanalsoestablishIPsecSAsmanually.
AnIKESAisusedbyIKEonly.UnliketheIPsecSA,itisbidirectional.
SecureHashAlgorithm(SHA)ThisisaonewayhashputforthbyNIST.SHAiscloselymodeledafterMD4
4/26
12/9/2015
andproducesa160bitdigest.BecauseSHAproducesa160bitdigest,itismoreresistanttobruteforceattacks
than128bithashes(suchasMD5),butitisslower.
SplitTunnelingThisistheprocessofallowingaremoteVPNuserinordertoaccessapublicnetwork,most
commonlytheInternet,atthesametimethattheuserisallowedtoaccessresourcesattheremoteoffice.This
methodofnetworkaccessenablestheusertoaccessremotedevices,suchasanetworkedprinterandservers
atthesametimeastoaccessthepublicnetwork(Internet).Anadvantageoftheuseofsplittunnelingisthatit
alleviatesbottlenecksandconservesbandwidthasInternettrafficdoesnothavetopassthroughtheVPNserver.
AdisadvantageofthismethodisthatitessentiallyrenderstheVPNvulnerabletoattackasitisaccessible
throughthepublic,nonsecurenetwork.
TransformAtransformdescribesasecurityprotocol(AHorESP)withitscorrespondingalgorithms.For
example,ESPwiththeDEScipheralgorithmandHMACSHAforauthentication.
TransportModeThisisanencapsulationmodeforAH/ESP.TransportModeencapsulatestheupperlayer
payload,suchasTransmissionControlProtocol(TCP)orUserDatagramProtocol(UDP),oftheoriginalIP
datagram.Thismodecanonlybeusedwhenthepeersaretheendpointsofthecommunication.Thecontrastof
TransportModeisTunnelMode.
TunnelModeThisistheencapsulationofthecompleteIPDatagramforIPsec.TunnelModeisusedonorder
toprotectdatagramssourcedfromordestinedtononIPsecsystems,suchasinaVirtualPrivateNetwork(VPN)
scenario.
ConfigureISAKMP
IKEexistsonlytoestablishSAsforIPsec.Beforeitcandothis,IKEmustnegotiateanSA(anISAKMPSA)
relationshipwiththepeer.SinceIKEnegotiatesitsownpolicy,itispossibletoconfiguremultiplepolicy
statementswithdifferentconfigurationstatements,thenletthetwohostscometoanagreement.ISAKMP
negotiates:
AnEncryptionAlgorithmThisislimitedto56bitDESonly.
AHashingAlgorithmMD5orSHA
AuthenticationRSAsignatures,RSAEncryptednonces(randomnumbers),orpresharedkeys
LifetimeoftheSAInseconds
Currently,therearetwomethodsusedinordertoconfigureISAKMP:
Usepresharedkeys,whicharesimpletoconfigure.
UseaCA,whichisscalablethroughouttheEnterprise.
Note:IKEnegotiationisdoneonUDP500.IPsecusesIPprotocols50and51.Makesurethesearepermittedon
anyaccesslistsyouhavebetweenthepeers.
1.PreSharedKeys
ThisisthequickanddirtymethodusedinordertoconfigureIKE.WhiletheIKEconfigurationissimpleandyou
donotuseaCA,itdoesnotscaleverywell.
YouneedtodotheseinordertoconfigureIKE:
ConfigureISAKMPprotectionsuite(s).
ConfigureISAKMPkey.
ConfigureISAKMPProtectionSuite(s)
ThiscommandcreatestheISAKMPpolicyobject.Itispossibletohavemultiplepolicies,butthereisonlyonein
thisexample:
dt345a(config)#cryptoisakmppolicy1
5/26
12/9/2015
dt345a(configisakmp)#
Withthegroupcommand,youcandeclarewhatsizemodulustouseforDiffieHellmancalculation.Group1is
768bitslong,andgroup2is1024bitslong.Whywouldyouuseoneovertheother?Notallvendorssupportgroup
2.Also,group2isalsosignificantlymoreCPUintensivethangroupone.Forthisreason,youdonotwanttouse
group2onlowendroutersliketheCisco2500seriesorless.But,group2ismoresecurethangroup1.Since
thisexampleusesaCisco4500,group2isused,andmakesurethepeerisalsoconfiguredinordertousegroup
2.Thedefaultisgroup1.Ifyouselectthedefaultproperties,thegroup1linesdonotshowupwhenyoudoa
writeterminalcommand.
dt345a(configisakmp)#group2
MD5isourhashingalgorithminthisline.WhiletheimplementationofSHAandMD5arebothmandatory,notall
peerscanbeconfiguredinordertonegotiateoneortheother.ThedefaultinCiscoIOSisSHA,whichismore
securethanMD5.
dt345a(configisakmp)#hashmd5
ThelifetimeoftheSA,500secondsinthiscase,isshowninthiscommand.Ifyoudonotsetalifetime,it
defaultsto86400seconds,oroneday.Whenthelifetimetimerfires,theSAisrenegotiatedasasecurity
measure.
dt345a(configisakmp)#lifetime500
Inthiscommand,IKEismanuallytoldwhatkeytouse.Therefore,thepresharecommandisused.Twooptions
besidesthepresharecommandarethersaencrandthersasigcommands.Thersaencrcommandconfigures
RSAEncryptednoncesandthersasigcommandconfiguresRSASignature.Thersaencrandthersasig
commandsareaddressedintheUseaCAsection.Fornow,rememberthatrsasigisthedefault.
dt345a(configisakmp)#authenticationpreshare
ConfigureISAKMPkey
Inthesecommands,IKEistoldwhatkeytouse.Thepeer,192.168.10.38inthiscase,musthavethesamekey
SlurpeeMachineinitsconfiguration.
dt345a(configisakmp)#exit
dt345a(config)#cryptoisakmpkeySlurpeeMachineaddress192.168.10.38
YouarenowdonewithIKEconfiguration.TheselinesaretheIKEconfigurationofthepeer.Thecomplete
configurationsforbothroutersareintheSampleConfigurationssectionofthisdocument:
cryptoisakmppolicy1
hashmd5
group2
authenticationpreshare
cryptoisakmpkeySlurpeeMachineaddress192.168.10.66
2.UseaCA
TheuseofaCAisacomplexmethodusedinordertoconfigureIKE.SinceitisveryscalableinIPsec,youneed
touseIPsecinsteadofclassiccrypto.WhenCiscoIOSSoftwareRelease11.3(3)isreleased,thereareonly
goingtobeafewCAvendorsthatshipproduct.Initially,mostconfigurationsaredonewiththeuseofpreshared
keys.VeriSign,Entrust,MicrosoftandNetscape,andprobablyahostofothers,areworkingonCAproducts.For
thisexample,aVeriSignCAisused.
YouneedtodotheseinordertouseaCA:
6/26
12/9/2015
CreateRSAkeypair(s)fortherouter.
RequestCAcertificate.
Enrollcertificatesfortheclientrouter.
ConfigureISAKMPprotectionsuite(s).
CreateRSAKeyPairsfortheRouter
Thecryptokeygenrsausagekeyscommandcanconfuseyou.ThiscommandcreatestwokeypairsforRSA:
onekeypairforencryption
onekeypairfordigitalsignatures
Akeypairreferstoapublickeyanditscorrespondingsecretkey.Ifyoudonotspecifyusagekeysattheendof
thecommand,theroutergeneratesonlyoneRSAkeypairandusesitforbothencryptionanddigitalsignatures.
Asawarning,thatthiscommandcanbeusedinordertocreateDSSkeys.ButDSSisapartofclassiccrypto,
notIPsec.
dt345a(config)#cryptokeygenrsausagekeys
Thenameforthekeyswillbe:dt345a.cisco.com
%YoualreadyhaveRSAkeysdefinedfordt345a.cisco.com.
%Doyoureallywanttoreplacethem?[yes/no]yes
SincesomeRSAkeysalreadyexistonthisbox,itasksifyouwanttogetridofthekeysthatexist.Sincethe
answerisyes,confirmthecommand.Thispromptisreturned:
Choosethesizeofthekeymodulusintherangeof
360to2048foryourSignaturekeys.
Choosingakeymodulusgreaterthan512maytakeafewminutes.
Howmanybitsinthemodulus[512]:<return>
GeneratingRSAkeys...
[OK]
Choosethesizeofthekeymodulusintherangeof
360to2048foryourEncryptionkeys.
Choosingakeymodulusgreaterthan512maytakeafewminutes.
Howmanybitsinthemodulus[512]:<return>
GeneratingRSAkeys...
[OK]
dt345a(config)#
TheRSAkeypairswiththedefault512bitmodulusarenowcreated.Exitoutofconfigmodeandenterashow
cryptokeymypubkeyrsacommand.YoucannowseeyourRSApublickey(s).Theprivatekeyportionofthe
keypairisneverseen.Evenifyoudonothavepreexistingkeys,youseethesamethingfrompreviously.
Note:Remembertosaveyourconfigurationonceyouhavegeneratedyourkeypairs.
RequestaCACertificate
YounowneedtoconfiguretherouterinordertotalktoaCA.Thisinvolvesseveralsteps.Youneedtoeventually
coordinatewithyourCAadministrator.
Intheseconfigurationlines,adomainnameisaddedtotherouter.Thiscreatesahostnameciscocaultra,and
tellstherouterwhatitsIPaddressis,andthenameservers.Youneedtohaveeitherhostnamesdefinedforthe
CAoraDNSthatworksonthebox.CiscorecommendsthatyouhaveaDNSthatworksonthebox.
dt345a(config)#iphostciscocaultra171.69.54.46
dt345a(config)#ipdomainnamecisco.com
dt345a(config)#ipnameserver171.692.132
dt345a(config)#ipnameserver198.92.30.32
7/26
12/9/2015
StarttoconfiguretheCAparameters.verisigncaisjustanarbitraryname.
dt345a(config)#cryptocaidentityverisignca
dt345a(caidentity)#
Inthisoutput,theCiscoenrollmentprotocolusesHTTPinordertotalktotheCA.Thedt345a(ca
identity)#enrollmenturlhttp://ciscocaultracommandtellstheroutertogotothespecifiedURLinorderto
interactwiththeCA.Thedt345a(caidentity)#cryptocaauthenticateverisigncacommandinstructstherouter
tofetchthecertificateoftheCA.BeforeyoucanenrollintheCA,youneedtomakesureyoutalktotherealCA.
VerifythecertificateoftheCAwiththeCAadministratorinordertoensureauthenticity.
dt345a(caidentity)#enrollmenturlhttp://ciscocaultra
dt345a(caidentity)#exit
dt345a(caidentity)#cryptocaauthenticateverisignca
EnrollCertificatesfortheClientRouter
IssuethecryptocaenrollverisigncacommandinordertobeginenrollmentwiththeCA.Thereareseveral
stepstothis.First,youhavetoverifytheidentityoftheCA,thentheCAhastoverifytheidentityoftherouter.If
youeverneedtorevokeyourcertificatebeforeitexpires,ifyourenumbertheinterfacesofyourrouterorifyou
believethatyourcertificateiscompromised,youneedtoprovideapasswordtotheCAadministrator.Enterthat,
asisillustratedinthisoutput.Afteryouenteryourpassword,theroutercontinues.
dt345a(config)#cryptocaenrollverisignca
%Startcertificateenrollment..
%Createachallengepassword.Youwillneedtoverballyprovidethispassword
totheCAAdministratorinordertorevokeyourcertificate.
Forsecurityreasonsyourpasswordwillnotbesavedintheconfiguration.
Pleasemakeanoteofit.
Password:
Reenterpassword:
Younowseethefingerprint(s)fromtheCA.Verifythatthefingerprint(s)arecorrectwiththeCAadministrator.In
addition,ifyoudoashowcryptocacertcommand,youseetheCAcertificate(s),inadditiontoyourown
certificates.TheCAcertificatesarelistedaspendingatthistime.
%Thesubjectnameforthekeyswillbe:dt345a.cisco.com
%Includetherouterserialnumberinthesubjectname?[yes/no]:yes
%Theserialnumberinthecertificatewillbe:01204044
%IncludeanIPaddressinthesubjectname?[yes/no]:yes
Interface:Ethernet0
RequestcertificatefromCA?[yes/no]:yes
ContacttheCAadministratorbecausethispersonwantstoconfirmtheidentityofthehosebeforeacertificateis
issued.OncetheCAissuesthecertificate,thestatusofourcertificatechangesfrompendingtoavailable.With
this,CAenrollmentiscomplete.But,youarenotdone.YoustillneedtoconfigureISAKMPpolicyobject(s).
ConfigureISAKMPProtectionSuite(s)
Thersasigdefaultisusedinthisoutput.Youcanhavemultipleprotectionsuite(s),butthereisonlyoneinthis
example.Intheeventofmultipleprotectionsuites,thepoliciesarepresentedtothepeerinnumericalorderand
thepeernegotiateswhichonetouse.Youneedtodothisifyouknowthatallofyourpeersdonotsupportcertain
features.Therouterdoesnotattempttonegotiatethingsthatdonotmakesense.Forexample,ifyouconfigure
yourpolicyforrsasigandyouhavenocertificate,therouterdoesnotnegotiatethis.
dt345a(config)#cryptoisakmppolicy1
dt345a(configisakmp)#hashmd5
dt345a(configisakmp)#lifetime4000
8/26
12/9/2015
dt345a(configisakmp)#exit
ConfigureIPsec
WhetheryouusepresharedkeysorconfigureaCA,onceyousetupInternetKeyExchangeIKE,youstillhaveto
setupIPsec.RegardlessofwhichIKEmethodyouuse,theconfigurationstepsforIPsecarethesame.
YouneedtodotheseinordertoconfigureIPsec:
CreateextendedACL.
CreateIPsectransform(s).
Createcryptomap.
Applycryptomaptotheinterface.
CreateExtendedACL
ThiscommandisaverysimpleACLthatallowstherouterstotalktooneanother,forexample,aTelnetfromone
routertothenext.
dt345a(config)#accesslist101permitiphost192.168.10.38
host192.168.10.66
AmorerealisticACLlookslikethiscommand.ThiscommandisanordinaryextendedACL,where192.168.3.0is
asubnetbehindtherouterinquestion,and10.3.2.0isasubnetsomewherebehindthepeerrouter.Remember
thatpermitmeansencryptanddenymeansdonotencrypt.
dt345a(config)#accesslist101permitip192.168.3.00.0.0.255
10.3.2.00.0.0.255
CreateIPsecTransform(s)
Createthreetransformsets.ThefirstoneusesESPonly,thesecondoneusesAHcombinedwithESP,andthe
lastoneusesonlyAH.DuringIPsecSAnegotiation,allthreeareofferedtothepeer,whichchoosesone.Also,
forallthreetransformsets,usethedefaulttunnelmode.Transportmodecanbeusedonlywhenthecrypto
endpointsarealsotheendpointsofthecommunication.Transpotmodecanbespecifiedbythemodetransport
commandunderthetransformsetconfiguration.TunnelmodeisusedprimarilyfortheVPNscenario.Alsonote
thatesprfc1829andahrfc1828arebasedontheoriginalRFCsforthistechnologyandareobsoletetransforms
includedforbackwardscompatibility.Notallvendorssupportthesetransforms,butothervendorssupportonly
thesetransforms.
Thetransformsetsinthesecommandsarenotnecessarilythemostpractical.Forexample,bothPapaBearand
BabyBearhavesubstandardtransformsets.Useesprfc1829andahrfc1828togetherinthesametransform
set.
dt345a(config)#cryptoipsectransformsetPapaBearesprfc1829
dt345a(cfgcryptotrans)#exit
dt345a(config)#cryptoipsectransformsetMamaBearahmd5hmacespdes
dt345a(config)#cryptoipsectransformsetBabyBearahrfc1828
dt345a(config)#
CreateCryptoMap
TheipsecisakmptagtellstherouterthatthiscryptomapisanIPseccryptomap.Althoughthereisonlyone
9/26
12/9/2015
peerdeclaredinthiscryptomap,youcanhavemultiplepeerswithinagivencryptomap.Thesessionkey
lifetimecanbeexpressedineitherkilobytes(afterxamountoftraffic,changethekey)orseconds,asisshown
inthesecommands.Thegoalofthisistomaketheeffortsofapotentialattackermoredifficult.Theset
transformsetcommandiswhereyouassociatethetransformswiththecryptomap.Inaddition,theorderin
whichyoudeclarethetransformsissignificant.MamaBearismorepreferredinthisconfiguration,andthenthe
restindescendingorderofpreferencethroughtoBabyBear.Thematchaddress101commandmeanstouse
accesslist101inordertodeterminewhichtrafficisrelevant.Youcanhavemultiplecryptomapswiththesame
name,whichisarmadillo,inthisexample,anddifferentsequencenumbers,whichis10,inthisexample.The
combinationofmultiplecryptomapsanddifferentsequencenumbersallowsyoutomixandmatchclassiccrypto
andIPsec.YoucanalsomodifyyourPFSconfigurationhere.PFSgroup1isthedefaultinthisexample.Youcan
changethePFStogroup2,orturnitoffalltogether,whichyoushouldnotdo.
dt345a(config)#cryptomaparmadillo10ipsecisakmp
dt345a(configcryptomap)#setpeer192.168.10.38
dt345a(configcryptomap)#setsessionkeylifetimeseconds4000
dt345a(configcryptomap)#settransformsetMamaBearPapaBearBabyBear
dt345a(configcryptomap)#matchaddress101
ApplyCryptoMaptoInterface
Thesecommandsapplythecryptomaptotheinterface.Youcanassignonlyonecryptomapsettoaninterface.
Ifmultiplecryptomapentrieshavethesamemapnamebutadifferentseqnum,theyarepartofthesameset
andareallappliedtotheinterface.Thesecurityapplianceevaluatesthecryptomapentrywiththelowestseq
numfirst.
dt345a(config)#interfacee0
dt345a(configif)#cryptomaparmadillo
MemoryandCPUConsiderations
PacketsthatareprocessedbyIPsecareslowerthanpacketsthatareprocessedthroughclassiccrypto.There
areseveralreasonsforthisandtheymightcausesignificantperformanceproblems:
IPsecintroducespacketexpansion,whichismorelikelytorequirefragmentationandthecorresponding
reassemblyofIPsecdatagrams.
Encryptedpacketsareprobablyauthenticated,whichmeansthattherearetwocryptographicoperationsthat
areperformedforeverypacket.
Theauthenticationalgorithmsareslow,althoughworkhasbeendonetospeedupthingsastheDiffieHellman
computations.
Inaddition,theDiffieHellmankeyexchangeusedinIKEisanexponentiationofverylargenumbers(between768
and1024bytes)andcantakeuptofoursecondsonaCisco2500.PerformanceofRSAisdependentonthesize
oftheprimenumberchosenfortheRSAkeypair.
Foreachrouter,theSAdatabasetakesupapproximately300bytes,plus120bytesforeverySAtherein.In
situationswheretherearetwoIPsecSAs,oneinboundandoneoutbound,540bytesarerequired,inmostcases.
EachIKESAentryisapproximately64byteseach.TheonlytimeyouhaveoneIPsecSAforadataflowiswhen
thecommunicationisoneway.
IPsecandIKEimpactsperformancewhenactive.DiffieHellmankeyexchanges,publickeyauthentication,and
encryption/decryptionconsumeasignificantamountofresources.Although,muchefforthasbeenmadeinorder
tominimizethisimpact.
Thereisasmalldecreaseinperformancefornonencryptedpacketsthatgothroughaninterfacethatdoescrypto.
Thisisbecauseallpacketshavetobecheckedagainstthecryptomap.Thereisnoperformanceimpacton
packetsthattraversetherouterthatavoidaninterfacethatdoescrypto.Thebiggestimpactisontheencrypted
dataflows.
10/26
12/9/2015
UseGroup1forDiffieHellmankeyexchangeswithinIKE,useMD5asyourhashingalgorithm,anduselonger
lifetimesinordertominimizetheimpactofthecryptosubsystemontherestoftherouter.Intradeoffforthis
performancetuning,youcangetweakcryptography.Ultimately,itisuptothesecuritypolicyofthecustomerin
ordertodeterminewhichfeaturestouseandwhichtoleavealone.
OutputfromshowCommands
Note:Thecapturesinthesesectionsaretakenfromadifferentseriesofteststhanthoseusedintheprevious
sectionsofthisdocument.Consequently,thesecapturescanhavedifferentIPaddressesandreflectslightly
differentconfigurations.AnotherseriesofshowcommandsisprovidedintheDebugInformationsectionofthis
document.
IKERelatedOutput
StudythesecommandsinordertocheckVeriSignCAenrollment.Thesecommandsshowthepublickeysyou
useforRSAencryptionandsignatures.
dt145a#showcryptokeymypubkeyrsa
%Keypairwasgeneratedat:11:31:59PDTApr91998
Keyname:dt145a.cisco.com
Usage:SignatureKey
KeyData:
305C300D06092A864886F70D0101010500034B003048024100C11854
39A9C75C
4E34C987B4D7F36CA058D69713172767192166E1661483DD0FDB907B
F9C10B7A
CB5A034FA41DF38523BEB6A7C14344BEE6915A121C86374F830203010001
%Keypairwasgeneratedat:11:32:02PDTApr91998
Keyname:dt145a.cisco.com
Usage:EncryptionKey
KeyData:
305C300D06092A864886F70D0101010500034B003048024100DCF5AC
360DD5A6
C69704CF47B2362D65123BD4424B6FF6AD10C33E89983D0816F1EA58
3700BCF9
1EF17E715931A9FC18D60D9AE0852DDD3F25369CF09DFB75050203010001
Thiscommandshowsthecertificatesthattherouterrecognizes.Acertificatethathaspendingstatushasbeen
submittedtotheCAforapproval.
dt145a#showcryptocacertificates
Certificate
SubjectName
Name:dt145a.cisco.com
SerialNumber:01193485
Status:Available
CertificateSerialNumber:650534996414E2BE701F4EF3170EDFAD
KeyUsage:Signature
CACertificate
Status:Available
CertificateSerialNumber:3051DF7169BEE31B821DFE4B3A338E5F
KeyUsage:NotSet
Certificate
SubjectName
Name:dt145a.cisco.com
SerialNumber:01193485
Status:Available
CertificateSerialNumber:1e621faf3b9902bc5b49d0f99dc66d14
KeyUsage:Encryption
11/26
12/9/2015
Thisoutputshowsthepublickeysoftherouterandwheretherouterlearnedaboutthem.
dt145a#showcryptokeypubkeychainrsa
Codes:MManuallyconfigured,CExtractedfromcertificate
CodeUsageIPAddressName
CSigningCiscoSystemsDevtestCISCOCAULTRA
CGeneral172.21.30.71dt17ka.cisco.com
ThisistheISAKMP(IKE)SAtable.HereyouseethatanSAcurrentlyexistsbetween172.21.30.71and
172.21.30.70.ThepeerneedstohaveanSAentryinthesamestateastheoutputofthisrouter.
dt17ka#showcryptoisakmpsa
dstsrcstateconnidslot
172.21.30.70172.21.30.71QM_IDLE475
Theselinesshowthepolicyobjectsconfigured.Inthiscase,policies1,2,and4areused,inadditiontothe
default.Thepoliciesareproposedtothepeerinorder,with1asthemostpreferred.
dt145a#showcryptoisakmppolicy
Protectionsuiteofpriority1
encryptionalgorithm:DESDataEncryptionStandard(56bit
keys).
hashalgorithm:MessageDigest5
authenticationmethod:RivestShamirAdlemanSignature
DiffieHellmangroup:#1(768bit)
lifetime:180seconds,novolumelimit
encryptionalgorithm:DESDataEncryptionStandard(56bitkeys).
hashalgorithm:SecureHashStandard
authenticationmethod:PreSharedKey
Defaultprotectionsuite
IPsecRelatedshowCommands
ThiscommandshowsthecryptomapToOtherRouter,theACLs,andthetransformproposalsappliedtothis
cryptomap,thepeers,andthekeylifetime.
S325132#showcryptomap
CryptoMap"ToOtherRouter"10ipsecisakmp
Peer=192.168.1.1
ExtendedIPaccesslist101
accesslist101permitip
source:addr=192.168.45.0/0.0.0.255
dest:addr=192.168.3.0/0.0.0.255
ConnectionId=UNSET(0established,0failed)
Currentpeer:192.168.1.1
12/26
12/9/2015
Sessionkeylifetime:4608000kilobytes/3600seconds
PFS(Y/N):N
Transformproposals={Elvis,Bubba,BarneyDino,}
Thisconfigurationusesthesamerouterasthepreviousoutput,butdifferentcommands.Youseealltransform
proposals,whichsettingstheynegotiate,andthedefaults.
S325132#showcryptoipsectransformset
TransformproposalElvis:{ahshahmac}
supportedsettings={Tunnel,},
defaultsettings={Tunnel,},
willnegotiate={Tunnel,},
{espdes}
TransformproposalBubba:{ahrfc1828}
{espdesespmd5hmac}
TransformproposalBarneyDino:{ahmd5hmac}
ThiscommandshowsthecurrentIPsecSecurityAssociationsofthisrouter.TherouterhasoneAHSAforboth
incomingandoutgoing.
S325132#showcryptoipsession
Sessionkeylifetime:4608000kilobytes/3600seconds
S325132#showcryptoipsecsa
interface:Ethernet0
Cryptomaptag:ToOtherRouter,localaddr.192.168.1.2
localident(addr/mask/prot/port):(192.168.45.0/255.255.255.0/0/0)
remoteident(addr/mask/prot/port):(192.168.3.0/255.255.255.0/0/0)
current_peer:192.168.1.1
PERMIT,flags={origin_is_acl,}
#pktsencaps:0,#pktsencrypt:0,#pktsdigest0
#pktsdecaps:0,#pktsdecrypt:0,#pktsverify0
#senderrors5,#recverrors0
localcryptoendpt.:192.168.1.2,remotecryptoendpt.:192.168.1.1
pathmtu1500,mediamtu1500
currentoutboundspi:25081A81
inboundespsas:
inboundahsas:
spi:0x1EE91DDC(518594012)
transform:ahmd5hmac,
inusesettings={Tunnel,}
slot:0,connid:16,cryptomap:ToOtherRouter
13/26
12/9/2015
satiming:remainingkeylifetime(k/sec):(4608000/3423)
replaydetectionsupport:Y
outboundespsas:
outboundahsas:
spi:0x25081A81(621288065)
transform:ahmd5hmac,
inusesettings={Tunnel,}
slot:0,connid:17,cryptomap:ToOtherRouter
replaydetectionsupport:Y
SampleConfigurations
Thisconfigurationusespresharedkeys.Thisrouterconfigurationisusedinordertocreatethedebugoutput
listedintheDebugInformationsection.ThisconfigurationallowsanetworkcalledXlocatedbehindSourceRouter
totalktoanetworkcalledYlocatedbehindPeerRouter.ConsulttheCiscoIOSSoftwaredocumentationforyour
versionofCiscoIOS,orusetheCommandLookupTool(registeredcustomersonly)formoreinformationabouta
particularcommand.Thistoolallowstheusertolookupadetaileddescriptionorconfigurationguidelinesfora
particularcommand.
NetworkDiagram
Configurations
SourceRouter
PeerRouter
14/26
12/9/2015
SourceRouter
Currentconfiguration:
!
version11.3
servicetimestampsdebuguptime
servicetimestampsloguptime
noservicepasswordencryption
!
hostnamegosse42513
!
enablesecret5$1$ZuRD$YBaAh3oIv4iltIn0TMCUX1
enablepasswordww
!
!IKEconfiguration
cryptoisakmppolicy1
hashmd5
!
!IPsecconfiguration
cryptoipsectransformsetBearPapaesprfc1829
cryptoipsectransformsetBearMamaahmd5hmacespdes
cryptoipsectransformsetBearBabyahrfc1828
!
cryptomaparmadillo1ipsecisakmp
setpeer20.20.20.21
setsecurityassociationlifetimeseconds190
settransformsetBearPapaBearMamaBearBaby
!Traffictoencrypt
matchaddress101
!
interfaceEthernet0
ipaddress60.60.60.60255.255.255.0
nomopenabled
!
interfaceSerial0
ipaddress20.20.20.20255.255.255.0
noipmroutecache
nofairqueue
cryptomaparmadillo
!
interfaceSerial1
noipaddress
shutdown
!
interfaceTokenRing0
noipaddress
shutdown
!
ipclassless
iproute0.0.0.00.0.0.020.20.20.21
!Traffictoencrypt
accesslist101permitip60.60.60.00.0.0.25550.50.50.00.0.0.
255
dialerlist1protocolippermit
15/26
12/9/2015
dialerlist1protocolipxpermit
!
linecon0
exectimeout00
lineaux0
linevty04
passwordww
login
!
end
PeerRouter
Currentconfiguration:
!
version11.3
servicetimestampsdebuguptime
servicetimestampsloguptime
noservicepasswordencryption
!
hostnamegossc22513
!
enablesecret5$1$DBTl$Wtg2eS7Eb/Cw5l.nDhkEi/
enablepasswordww
!
ipsubnetzero
!
!IKEconfiguration
cryptoisakmppolicy1
hashmd5
!
!IPsecconfiguration
cryptoipsectransformsetPapaBearesprfc1829
cryptoipsectransformsetMamaBearahmd5hmacespdes
cryptoipsectransformsetBabyBearahrfc1828
!
!
cryptomaparmadillo1ipsecisakmp
setpeer20.20.20.20
setsecurityassociationlifetimeseconds190
settransformsetMamaBearPapaBearBabyBear
!Traffictoencrypt
matchaddress101
!
!
!
interfaceEthernet0
ipaddress50.50.50.50255.255.255.0
noipdirectedbroadcast
!
interfaceSerial0
ipaddress20.20.20.21255.255.255.0
16/26
12/9/2015
noipmroutecache
nofairqueue
clockrate9600
cryptomaparmadillo
!
interfaceSerial1
noipaddress
shutdown
!
interfaceTokenRing0
noipaddress
shutdown
!
ipclassless
iproute0.0.0.00.0.0.020.20.20.20
!Traffictoencrypt
255
dialerlist1protocolippermit
dialerlist1protocolipxpermit
!
!
linecon0
exectimeout00
transportinputnone
lineaux0
lineaux0
linevty04
passwordww
login
!
end
DebugInformation
ThissectionhasthedebugoutputfromanormalIKE/IPsecsessionbetweentworouters.Theconfigurations
comefromtheSampleConfigurationssectionofthisdocument.Theroutersuseapresharedkey.Bothrouters
havethedebugcryptoisakmp,debugcryptoipsec,anddebugcryptoenginecommandsenabled.Thiswas
testedwithanextendedpingfromtheSourceRouterethernetinterfacetothePeerRouterethernetinterface
(60.60.60.60to50.50.50.50).
Note:Theblue,italicstatementsinthissampledebugoutputarenotestohelpyoufollowwhathappens,theyare
notpartofthedebugoutput.
SourceRouter
SourceRoutershowCommandOutputAfterIKE/IPsecNegotiation
PeerRouterwithSamePingSequence,asSeenfromtheOtherSide
PeerRoutershowCommands
gosse42513#showclock
gosse42513#ping
Protocol[ip]:
TargetIPaddress:50.50.50.50
17/26
12/9/2015
Repeatcount[5]:10
Datagramsize[100]:
Timeoutinseconds[2]:
Extendedcommands[n]:y
Sourceaddressorinterface:60.60.60.60
Typeofservice[0]:
SetDFbitinIPheader?[no]:
Validatereplydata?[no]:
Datapattern[0xABCD]:
Loose,Strict,Record,Timestamp,Verbose[none]:
Sweeprangeofsizes[n]:
Typeescapesequencetoabort.
Sending10,100byteICMPEchosto50.50.50.50,timeoutis2seconds:
Apr212:03:55.347:IPSEC(sa_request):,
(keyeng.msg.)src=20.20.20.20,dest=20.20.20.21,
src_proxy=60.60.60.0/255.255.255.0/0/0(type=4),
dest_proxy=50.50.50.0/255.255.255.0/0/0(type=4),
protocol=ESP,transform=esprfc1829,
lifedur=190sand4608000kb,
spi=0x0(0),conn_id=0,keysize=0,flags=0x4004
src_proxy=60.60.60.0/255.255.255.0/0/0(type=4),
dest_proxy=50.50.50.0/255.255.255.0/0/0(type=4),
protocol=AH,transform=ahmd5hmac,
src_proxy=60.60.60.0/255.255.255.0/0/0(type=4),
dest_proxy=50.50.50.0/255.255.255.0/0/0(type=4),
protocol=ESP,transform=espdes,
spi=0x0(0),conn_id=0,keysi.ze=0,flags=0x4004
src_proxy=60.60.60.0/255.255.255.0/0/0(type=4),
dest_proxy=50.50.50.0/255.255.255.0/0/0(type=4),
protocol=AH,transform=ahrfc1828,
!Notethattherouterofferstothepeerallofthe!availabletransforms.
Apr212:03:55.391:ISAKMP(14):beginningMainModeexchange
Apr212:03:57.199:ISAKMP(14):processingSApayload.messageID=0
Apr212:03:57.203:ISAKMP(14):CheckingISAKMPtransform1against
priority1policy
Apr212:03:57.203:ISAKMP:encryptionDESCBC
Apr212:03:57.207:ISAKMP:hashMD5
Apr212:03:57.207:ISAKMP:defaultgroup1
Apr212:03:57.207:ISAKMP:authpreshare
Apr212:03:57.211:ISAKMP(14):attsareacceptable.Nextpayloadis0
Apr212:03:57.215:Cryptoengine0:generatealgparam
Apr212:03:5.8.867:CRYPTO_ENGINE:Dhphase1status:0
Apr212:03:58.871:ISAKMP(14):SAisdoingpresharedkeyauthentication..
Apr212:04:01.291:ISAKMP(14):processingKEpayload.messageID=0
Apr212:04:03.343:ISAKMP(14):processingNONCEpayload.messageID=0
Apr212:04:03.347:Cryptoengine0:createISAKMPSKEYIDforconnid14
18/26
12/9/2015
Apr212:04:03.363:ISAKMP(14):SKEYIDstategenerated
Apr212:04:03.367:ISAKMP(14):processingvendoridpayload
Apr212:04:03.371:ISAKMP(14):speakingtoanotherIOSbox!
Apr212:04:03.371:generatehmaccontextforconnid14
Apr212:04:03.615:ISAKMP(14):processingIDpayload.messageID=0
Apr212:04:03.615:ISAKMP(14):processingHASHpayload.messageID=0
Apr212:04:03.627:ISAKMP(14):SAhasbeenauthenticated
Apr212:04:03.627:ISAKMP(14):beginningQuickModeexchange,MIDof1628162439
!Theselinesrepresentverificationthatthepolicy!attributesarefine,andthefinalauthent
iation:
Apr212:04:03.635:IPSEC(key_engine):gotaqueueevent...
Apr212:04:03.635:IPSEC(spi_response):gettingspi303564824ldforSA
.!!!from20.20.20.21to20.20.20.20forprot3
from20.20.20.21to20.20.20.20forprot2
from20.20.20.21to20.20.20.20forprot3
from20.20.20.21to20.20.20.20forprot2
Apr212:04:04.!!
Successrateis50percent(5/10),roundtripmin/avg/max=264/265/268ms
gosse42513#723:generatehmaccontextforconnid14
Apr212:04:04.731:ISAKMP(14):CheckingIPSecproposal1
Apr212:04:04.735:ISAKMP:transform1,ESP_DES_IV64
Apr212:04:04.735:ISAKMP:attributesintransform:
Apr212:04:04.735:ISAKMP:encapsis1
Apr212:04:04.739:ISAKMP:SAlifetypeinseconds
Apr212:04:04.739:ISAKMP:SAlifeduration(basic)of190
Apr212:04:04.739:ISAKMP:SAlifetypeinkilobytes
Apr212:04:04.743:ISAKMP:SAlifeduration(VPI)of0x00x460x500x0
Apr212:04:04.747:ISAKMP(14):attsareacceptable.
!TheISAKMPdebugislistedbecauseIKEisthe!entitythatnegotiatesIPsecSAsonbehalfofI
Apr212:04:04.747:IPSEC(validate_proposal_request):proposalpart#1,
(keyeng.msg.)dest=20.20.20.21,src=20.20.20.20,
dest_proxy=50.50.50.0/255.255.255.0/0/0(type=4),
src_proxy=60.60.60.0/255.255.255.0/0/0(type=4),
lifedur=0sand0kb,
Apr212:04:04.799:ISAKMP(14):CreatingIPSecSAs
Apr212:04:04.803:inboundSAfrom20.20.20.21to20.20.20.20
(proxy50.50.50.0to60.60.60.0)
Apr212:04:04.803:hasspi303564824andconn_id15andflags4
Apr212:04:04.807:lifetimeof190seconds
Apr212:04:04.807:lifetimeof4608000kilobytes
Apr212:04:04.811:outboundSAfrom20.20.20.20to20.20.20.21
(proxy60.60.60.0to50.50.50.0)
19/26
12/9/2015
Apr212:04:04.823:IPSEC(initialize_sas):,
dest_proxy=60.60.60.0/255.255.255.0/0/0(type=4),
src_proxy=50.50.50.0/255.255.255.0/0/0(type=4),
src_proxy=60.60.60.0/255.255.255.0/0/0(type=4),
dest_proxy=50.50.50.0/255.255.255.0/0/0(type=4),
spi=0xAF62683(183903875),conn_id=16,keysize=0,flags=0x4
Apr212:04:04.839:IPSEC(create_sa):sacreated,
(sa)sa_dest=20.20.20.20,sa_prot=50,
sa_spi=0x12180818(303564824),
sa_trans=esprfc1829,sa_conn_id=15
sa_spi=0xAF62683(183903875),
!TheselinesshowthatIPsecSAsarecreatedand!encryptedtrafficcannowpass.
SourceRoutershowCommandOutputAfterIKE/IPsecNegotiation
gosse42513#
gosse42513#showcryptoisakmpsa
20.20.20.2120.20.20.20QM_IDLE140
gosse42513#showcryptoipsecsa
interface:Serial0
Cryptomaptag:armadillo,localaddr.20.20.20.20
currentoutboundspi:AF62683
inboundespsas:
spi:0x12180818(303564824)
transform:esprfc1829,
inusesettings={VarlenIV,Tunnel,}
slot:0,connid:15,cryptomap:armadillo
IVsize:8bytes
replaydetectionsupport:N
20/26
12/9/2015
inboundahsas:
outboundespsas:
spi:0xAF62683(183903875)
IVsize:8bytes
outboundahsas:
gosse42513#showcryptoisakmppolicy
gosse42513#showcryptomap
CryptoMap"armadillo"1ipsecisakmp
Peer=20.20.20.21
255
Securityassociationlifetime:4608000kilobytes/190seconds
PFS(Y/N):N
Transformsets={BearPapa,BearMama,BearBaby,}
PeerRouterwithSamePingSequence,asSeenfromtheOtherSide
gossc22513#showdebug
CryptographicSubsystem:
CryptoISAKMPdebuggingison
CryptoEnginedebuggingison
CryptoIPSECdebuggingison
gossc22513#
Apr212:03:55.111:ISAKMP(14):CheckingISAKMPtransform1against
priority1policy
Apr212:03:55.111:ISAKMP:encryptionDESCBC
Apr212:03:55.111:ISAKMP:hashMD5
Apr212:03:55.115:ISAKMP:defaultgroup1
Apr212:03:55.115:ISAKMP:authpreshare
Apr212:03:55.115:ISAKMP(14):attsareacceptable.Nextpayloadis0
!IKEperformsitsoperation,andthenkicksoffIPsec.
21/26
12/9/2015
Apr212:03:56.707:CRYPTO_ENGINE:Dhphase1status:0
Apr212:03:56.711:ISAKMP(14):SAisdoingpresharedkeyauthentication
Apr212:03:58.667:ISAKMP(14):processingKEpayload.messageID=0
Apr212:04:00.695:Cryptoengine0:createISAKMPSKEYIDforconnid14
Apr212:04:00.707:ISAKMP(14):SKEYIDstategenerated
Apr212:04:00.711:ISAKMP(14):processingvendoridpayload
Apr212:04:00.715:ISAKMP(14):speakingtoanotherIOSbox!
Apr212:04:03.095:ISAKMP(14):processingHASHpayload.messageID=0
Apr212:04:03.107:ISAKMP(14):SAhasbeenauthenticated
Apr212:04:03.843:ISAKMP(14):CheckingIPSecproposal1
Apr212:04:03.843:ISAKMP:transform1,ESP_DES_IV64
Apr212:04:03.847:ISAKMP:attributesintransform:
Apr212:04:03.847:ISAKMP:encapsis1
Apr212:04:03.847:ISAKMP:SAlifetypeinseconds
Apr212:04:03.851:ISAKMP:SAlifeduration(basic)of190
Apr212:04:03.851:ISAKMP:SAlifetypeinkilobytes
Apr212:04:03.855:ISAKMP:SAlifeduration(VPI)of0x00x460x500x0
Apr212:04:03.855:ISAKMP(14):attsareacceptable.
Apr212:04:03.859:IPSEC(validate_proposal_request):proposalpart#1,
dest_proxy=50.50.50.0/255.255.255.0/0/0(type=4),
src_proxy=60.60.60.0/255.255.255.0/0/0(type=4),
lifedur=0sand0kb,
439
from20.20.20.20to20.20.20.21forprot3
Apr212:04:04.579:ISAKMP(14):CreatingIPSecSAs
Apr212:04:04.579:inboundSAfrom20.20.20.20to20.20.20.21
(proxy60.60.60.0to50.50.50.0)
Apr212:04:04.587:outboundSAfrom20.20.20.21to20.20.20.20
(proxy50.50.50.0to60.60.60.0)
dest_proxy=50.50.50.0/255.255.255.0/0/0(type=4),
src_proxy=60.60.60.0/255.255.255.0/0/0(type=4),
spi=0xAF62683(183903875),conn_id=15,keysize=0,flags=0x4
22/26
12/9/2015
src_proxy=50.50.50.0/255.255.255.0/0/0(type=4),
dest_proxy=60.60.60.0/255.255.255.0/0/0(type=4),
sa_spi=0xAF62683(183903875),
sa_spi=0x12180818(303564824),
!TheIPsecSAsarecreated,andICMPtrafficcanflow.
PeerRoutershowCommands
!Thisillustratesaseriesofshowcommandoutputafter!IKE/IPsecnegotiationtakespla
ce.
gossc22513#showcryptoisakmpsa
20.20.20.2120.20.20.20QM_IDLE140
gossc22513#showcryptoipsecsa
interface:Serial0
Cryptomaptag:armadillo,localaddr.20.20.20.21
currentoutboundspi:12180818
inboundespsas:
spi:0xAF62683(183903875)
IVsize:8bytes
inboundahsas:
outboundespsas:
spi:0x12180818(303564824)
23/26
12/9/2015
IVsize:8bytes
outboundahsas:
gossc22513#showcryptoisakmppolicy
gossc22513#showcryptomap
CryptoMap"armadillo"1ipsecisakmp
Peer=20.20.20.20
accesslist101permitip50.50.50.00.0.0.25560.60.60.00.0.0.255
Securityassociationlifetime:4608000kilobytes/190seconds
PFS(Y/N):N
Transformsets={MamaBear,PapaBear,BabyBear,}
ImplementationTipsforIPsec
ThesearesomeimplementationtipsforIPsec:
Makecertainthatyouhaveconnectivitybetweentheendpointsofthecommunicationbeforeyouconfigure
crypto.
MakesurethateitherDNSworksontherouter,oryouhaveenteredtheCAhostname,ifyouuseaCA.
IPsecusesIPprotocols50and51,andIKEtrafficpassesonprotocol17,port500(UDP500).Makesure
thesearepermittedappropriately.
BecarefulnottousethewordanyinyourACL.Thiscausesproblems.RefertotheUsageGuidelinesfor
accesslistinthePIXcommandreferenceformoreinformation.
Recommendedtransformcombinationsare:
espdesandespshahmac
ahshahmacandespdes
RememberthatAHisjustanauthenticatedheader.Theactualuserdatastreamisnotencrypted.Youneed
ESPfordatastreamencryption.IfyouuseonlyAHandseecleartextgoacrossthenetwork,donotbe
surprised.AlsouseESPifyouuseAH.NotethatESPcanalsoperformauthentication.Therefore,youcan
useatransformcombinationsuchasespdesandespshahmac.
ahrfc1828andesprfc1829areobsoletetransformsincludedforbackwardscompatibilitywitholderIPsec
implementations.Ifthepeerdoesnotsupportnewertransforms,trytheseinstead.
24/26
12/9/2015
SHAisslowerandmoresecurethanMD5,whereasMD5isfasterandlesssecurethatSHA.Insome
communities,thecomfortlevelwithMD5isverylow.
Whenindoubt,usetunnelmode.Tunnelmodeisthedefaultanditcanbeusedintransportmode,aswellas
foritsVPNcapabilities.
ForclassiccryptouserswhoupgradetoCiscoIOSSoftwareRelease11.3,cryptocommandsstoragemethods
intheconfigurationhaschangedinordertoallowforIPsec.Consequently,ifclassiccryptouserseverrevertto
CiscoIOSSoftwareRelease11.2,theseusershavetoreentertheircryptoconfigurations.
Ifyoudoapingtestacrosstheencryptedlinkwhenyoufinishyourconfiguration,thenegotiationprocesscan
takesometime,aboutsixsecondsonaCisco4500,andabout20secondsonaCisco2500,becauseSAs
havenotyetbeennegotiated.Eventhougheverythingisconfiguredcorrectly,yourpingcaninitiallyfail.The
debugcryptoipsecanddebugcryptoisakmpcommandsshowyouwhathappens.Onceyourencrypted
datastreamshavefinishedtheirsetup,thepingworksfine.
Ifyourunintotroublewithyournegotiation(s)andmakeconfigurationchanges,usetheclearcryptoisand
clearcryptosacommandsinordertoflushthedatabasesbeforeyouretry.Thisforcesnegotiationtostart
anew,withoutanylegacynegotiationtogetintheway.Theclearcryptoisandclearcrysacommandsare
veryusefulinthismanner.
HelpandRelevantLinks
IPsecInformation
IPsecSupportPage
ECRAEncryptionPoliciesandProceduresSendanEmailtoexport@cisco.com
MoreSampleConfigurationsforIPsec
ConfiguringandTroubleshootingCisco'sNetworkLayerEncryption:IPSecandISAKMP
IPsecNetworkSecurityOverview
PIXFirewallIPsecconfigurationdocumentation
PIX5.1
PIX5.2
PIX5.3
PIX6.0
PIX6.1
PIX6.2
PIX6.3
ContacttheCiscoTechnicalSupportat(800)55324HR,(408)5267209,orsendandEmailtotac@cisco.comif
yourequirefurtherassistancewithIPsec.
References
Harkins,D.ISAKMP/OakleyProtocolFeatureSoftwareUnitFunctionalSpecification.ENG0000RevA.Cisco
Systems.
Madson,C.IPSecSoftwareUnitFunctionalSpecificationENG17610RevF.CiscoSystems.
Kaufman,C.PerlmanR.andSpencer,M.NetworkSecurity:PrivateCommunicationinaPublicWorld.Prentice
Hall,1995.
Schneier,B.AppliedCryptography:Protocols,Algorithms,andSourceCodeinC.SecondEd.JohnWiley&
25/26
12/9/2015
Sons,Inc.
VariousIETFIPSecurityworkingdrafts
RelatedInformation
IPsecSupportPage
HowVirtualPrivateNetworksWork
MostCommonL2LandRemoteAccessIPSecVPNTroubleshootingSolutions
TechnicalSupport&DocumentationCiscoSystems
2015Ciscoand/oritsaffiliates.Allrightsreserved.
26/26

An Introduction To IP Security (IPSec) Encryption - Cisco

Încărcat de

Informații document

Titlu original

Drepturi de autor

Formate disponibile

Partajați acest document

Partajați sau inserați document

Opțiuni de partajare

Vi se pare util acest document?

Este necorespunzător acest conținut?

Drepturi de autor:

Formate disponibile

An Introduction To IP Security (IPSec) Encryption - Cisco

Încărcat de

Drepturi de autor:

Formate disponibile

12/9/2015

S-ar putea să vă placă și