A1:
| Answer: The session keys are manually coded and never change. |
A2:
| Answer: Access VPNs require VPN client software on the remote machine and intranet VPNs do not. |
A3:
| Answer: SHA-1 |
A4:
| Answer: By IP address or host name |
A5:
| Answer: They will not be able to negotiate the connection. |
A6:
| Answer: isakmp policy |
A7:
| Answer: 86,400 seconds |
A8:
| Answer: No, the peers will continue to go through the transforms until they find a match. If there is no match, they will be unable to negotiate the connection. |
A9:
| Answer: isakmp lifetime initiates a renegotiation of IKE based on time only; the crypto map lifetime initiates a renegotiation of the IPSec SA based on time or the amount of traffic the passes through the connection (in kilobytes). |
A10:
| Answer: clear crypto isakmp sa |
A11:
| Answer: isakmp key string address peer-address netmask peer netmask |
A12:
| Answer: You should verify connectivity prior to attempting to establish the VPN. If you have connectivity but cannot establish the VPN, you should verify that the configuration of the peers matches. |
A13:
| Answer: crypto map map-name seq-num match address acl-name |
A14:
| Answer: AH does only header authentication; ESP can perform authentication of the header and the data as well as encryption. |
لطفا منتظر باشید ...
