Defining an ISAKMP Pre-Shared Key
The best accepted site-to-site VPN bureaucracy amid two PIX firewalls is the
configuration of an IPsec adit with IKE application a pre-shared key. If you use the
firewall to authorize a cardinal of VPNs with altered peers, it is awful recommended
that the pre-shared key be different for anniversary brace of gateways.The key to
be acclimated for establishing an IKE adit with the accurate associate is called based
on the peer’s IP address.The key itself is an alphanumeric cord of up to 128
symbols and charge be configured the aforementioned on both gateways application the following
command:
isakmp key
We charge to configure the key on both firewalls:
PIX1(config)# isakmp key mykey1 abode 23.34.45.56 netmask 255.255.255
.255
PIX2(config)# isakmp key mykey1 abode 12.23.34.45 netmask 255.255.255
.255
In adjustment to use the aforementioned key for abutting to any peer, use 0.0.0.0 both as a
peer abode and as a netmask.