A popular technique is to specifically set the remote peer IP address (for security purposes) known as static configuration. Phase 1 in IPSec VPN connection establishment is also involving the remote VPN device IP address (peer). The key is then stored (and encrypted) within each VPN device configuration. This key is basically a string (combination of alphabets, numbers, and characters) that both sites agree to use. One popular technique of this ISAKMP key matching is to use pre-shared key. Phase 1 is to establish the ISAKMP key matching with remote site. This process is to verify that each site is authorized to establish such connection. In general, Phase 1 deals with confirmation among sites that are about to establish secure connection across unsecure network.
Phase 1 is called IKE or ISAKMP SA (Security Association) establishment and Phase 2 is called IPSec SA establishment. Setting up site-to-site IPSec VPN connection in general involves two phases. Setting Up Private Site-To-Site Connections
0 kommentar(er)
