IP Sec

Question 1

What is the function of a IPsec transform set?

Answer 1

Defines Phase 2 tunnel encryption and hashing

Question 2

What are the ASA PSK VPN Configuration Steps? (6)

Answer 2

Enable IKE on “outside” interface
Configure ISAKMP phase 1 policy
Configure IPSec L2L tunnel group
Configure traffic to allow through VPN
Configure IPSec transform set
Configure crypto map and assigned to “outside” interface.

Question 3

How do you Configure traffic to allow through VPN?

Answer 3

Create network objects for source and destination networks

Create access list referencing network object

Question 4

When configuring isakmp phase 1 policy you need to Defines Phase 1 _____ properties and ________ methods

Answer 4

When configuring isakmp phase 1 policy you need to Defines Phase 1 tunnel properties and authentication methods

Question 5

When configuring IPSec L2L tunnel group you are required to defines VPN _____ and assign a?

Answer 5

When configuring IPSec L2L tunnel group you are required to defines VPN target IP and assign a Pre-shared key

Question 6

When configuring crypto map and assigned to “outside” interface, its function is?

Answer 6

Pulls together allowed traffic, transform set and target address
May have variations in case multiple VPN with different parameters

Question 7

What command is used to enable ASA Enable IKE?

Answer 7

crypto ikev1 enable outside

Question 8

What commands are used to configure a ASA Phase 1 Policy?

Answer 8

crypto ikev1 policy 1
encryption aes 256
hash sha
group 5
lifetime 86400
authentication pre-share

Question 9

What command is used to create a tunnel group?

Answer 9

tunnel-group 192.168.244.5 type ipsec-l2l
tunnel-group 192.168.244.5 ipsec-attributes
ikev1 pre-shared-key Secret55