Certexams practice tests and network simulator Register             Login

CertExams.com Simulator Lab Exercises Answers

Configuring IPSEC Phase 2 proposals

Description: Lab exercise explains the configuration of IPSEC Phase2 proposals

To establish an AutoKey IKE IPsec tunnel, two phases of negotiation are required:

In Phase 1, the participants establish a secure channel in which to negotiate the IPSEC Security Associations (SAs).

In Phase 2, the participants negotiate the IPSEC SAs for encrypting and authenticating the ensuing exchanges of user data.

Command Syntax:

[edit security ipsec]
user@srx#show
proposal {
protocol [ah | esp];
authentication-algorithm [hmac-md5-96 | hmac-sha1-96];
encryption-algorithm [3des-cbc | aes-128-cbc | aes-192-cbc | aes-256-cbc | des-cbc];
lifetime-kilobytes ;
lifetime-seconds ;
} 

Network Diagram:

Instructions:

1. Create an IPsec Phase 2 proposal.

2. Specify the IPsec Phase 2 proposal protocol.

3. Specify the IPsec Phase 2 proposal authentication algorithm.

4. Specify the IPsec Phase 2 proposal encryption algorithm

Note: Please refer to the CertExams.com Juniper Network Simulator software for complete lab.

 

Real Time Web Analytics

Clicky