Configure
CA Support Tasks
Configuring for RSA signatures consists of five major tasks,
each requiring multiple steps. This chapter covers the CA configuration tasks
and steps in detail, but those tasks and steps identical to those covered in cp10 for
preshared keys aren’t repeated. Refer to cp10 for a detailed explanation
of these steps.
The five major tasks Cisco uses and which you can expect on the
exam to configure CA support are as follows. The major difference is the
insertion of a new Task 2 specifically for configuring CA support.
-
Task 1 Prepare for IKE and IPSec
-
Task 2 Configure CA support
-
Task 3 Configure IKE
-
Task 4 Configure IPSec
-
Task 5 Test and verify IPSec
A summary task list showing the five tasks broken down to their
individual steps and key commands is included in the Summary. As in cp10, the
steps are numbered to include the task number, as well as to help keep them
straight.
Figure shows the example networks from cp10. These
networks provide an example scenario used throughout this chapter. The goal is
to create a secure VPN tunnel between Rtr1 company main office and Rtr2 at one
of almost 100 branch offices in North America, Europe, and Africa. The
assumption is this: the main office has reserved networks192.168.0.0 through
192.168.127.0 for itself and will use one class C for each branch in the
remaining 192.168.128.0 to 192.168.255.0 addresses.
Because not all configuration steps are repeated in this chapter,
using the same scenario as cp10 means a person performing the configurations along
with the text can refer to cp10 for assistance.
Sections
Comments (0 posted)
Syndication
