Upload
meryl-james
View
218
Download
3
Tags:
Embed Size (px)
Citation preview
© 2003, Cisco Systems, Inc. All rights reserved. SECUR 1.0—9-1
Chapter 9
Building IPSEC VPNS Using Cisco Routers
© 2003, Cisco Systems, Inc. All rights reserved. SECUR 1.0—9-2
Objectives
© 2003, Cisco Systems, Inc. All rights reserved. SECUR 1.0—9-3
Objectives
Upon completion of this chapter, you will be able to perform the following tasks:• Define two types Cisco router VPN solutions.
• Describe the Cisco VPN router product family.
• Identify the IPSec and other open standards supported by Cisco VPN routers.
• Identify the component technologies of IPSec.
• Explain how IPSec works.
© 2003, Cisco Systems, Inc. All rights reserved. SECUR 1.0—9-4
Objectives (cont.)
• Configure a Cisco router for IKE using pre-shared keys.
• Configure a Cisco router for IPSec using pre-shared keys.
• Verify the IKE and IPSec configuration.
• Explain the issues regarding configuring IPSec manually and using RSA encrypted nonces.
© 2003, Cisco Systems, Inc. All rights reserved. SECUR 1.0—9-5
Cisco Routers Enable Secure VPNs
© 2003, Cisco Systems, Inc. All rights reserved. SECUR 1.0—9-6
Internet
VPN Definition
VPN—An encrypted connection between private networks over a public network such as the Internet
Mobileuser
AnalogISDNCableDSL
Central site
Server
Remotesite
Remotesite
© 2003, Cisco Systems, Inc. All rights reserved. SECUR 1.0—9-7
Internet
DSLcable
MobileExtranetConsumer-to-business
Telecommuter
Remote Access VPNs
Router
Remote access client
Remote access VPN—Extension/evolution of dial
Central site
POP
POP
© 2003, Cisco Systems, Inc. All rights reserved. SECUR 1.0—9-8
Site-to-Site VPNs
Main office7100/7200/7400
Series
Small office/home office
800/900 Series
Remoteoffice
1700/2600 Series
Regionaloffice
3600/3700 Series
Internet
© 2003, Cisco Systems, Inc. All rights reserved. SECUR 1.0—9-9
Cisco VPN Router Portfolio
Enterprise HQAnd Beyond
Cisco 3600
Cisco 1700
Teleworker/SOHO SMB/Small Branch Enterprise Branch Large Branch
Cisco 800
Cisco 1760
Cisco 2600XM/2691
Cisco 3725
Cisco 3745
© 2003, Cisco Systems, Inc. All rights reserved. SECUR 1.0—9-10
Cisco VPN Router Portfolio—Large Enterprise
Cat 6500
Cisco 7140
Cisco 7120
Cisco 7400
Cisco 7200/400
Cisco 7204/225
Large Enterprise
© 2003, Cisco Systems, Inc. All rights reserved. SECUR 1.0—9-11
Small to Mid-Size—Cisco VPN Routers
• Hardware accelerators deliver enhanced encryption performance
800 925 1700 2621 2651 3620 3640 3660
Maximum tunnels 10 20 100 300 800 800 800 1300
Performance (Mbps)
0.384 6 4 12 15 10 18 40
Hardware encryption
None YesVPN
moduleAIM-
VPN/BPAIM-
VPN/BPNM-
VPN/MPNM-
VPN/MPAIM-
VPN/BP
© 2003, Cisco Systems, Inc. All rights reserved. SECUR 1.0—9-12
Enterprise Size—Cisco VPN Routers
• Hardware accelerators deliver enhanced encryption performance
7120 7140 7140 7200 7400 7200CAT 6500
Maximum tunnels 2000 2000 3000 2000 5000 5000 8000
Performance (Mbps)
50 85 145 90 120 145 1.9G
Hardware encryption
ISM ISM VAM ISA VAM VAM Yes
© 2003, Cisco Systems, Inc. All rights reserved. SECUR 1.0—9-13
IPSec Overview
© 2003, Cisco Systems, Inc. All rights reserved. SECUR 1.0—9-14
What Is IPSec?
• IPSec acts at the network layer protecting and authenticating IP packets
– Framework of open standards - algorithm independent
– Provides data confidentiality, data integrity, and origin authentication
Perimeterrouter
Main site
PIXFirewall
Concentrator
SOHO with a Cisco ISDN/DSL router
POP
Mobile worker with aCisco VPN Client on a laptop computer
Business partner with a Cisco router
Regional office with a PIX Firewall
IPSec
Corporate
© 2003, Cisco Systems, Inc. All rights reserved. SECUR 1.0—9-15
IPSec Security Services
• Confidentiality
• Data integrity
• Origin authentication
• Anti-replay protection
© 2003, Cisco Systems, Inc. All rights reserved. SECUR 1.0—9-16
Confidentiality (Encryption)
This quarterly report does not look so
good. Hmmm . . . .
Earnings off by 15%
Internet
Server
© 2003, Cisco Systems, Inc. All rights reserved. SECUR 1.0—9-17
Internet
Types of Encryption
Pay to Terry Smith $100.00
One Hundred and xx/100 Dollars
4ehIDx67NMop9eRU78IOPotVBn45TR
Pay to Terry Smith $100.00
One Hundred and xx/100 Dollars
Hmmm . . . .I cannot
read a thing.
Encryptionalgorithm
4ehIDx67NMop9eRU78IOPotVBn45TR
Encryptionalgorithm
© 2003, Cisco Systems, Inc. All rights reserved. SECUR 1.0—9-18
DH Key Exchange
Protocol Messages
Terry Alexpublic key A
+ private key Bshared secret
key (BA)
Internet
Pay to Terry Smith $100.00
One Hundred and xx/100 Dollars
Protocol Messages
public key B+ private key A
shared secretkey (AB)=
4ehIDx67NMop9eRU78IOPotVBn45TR
4ehIDx67NMop9eRU78IOPotVBn45TR
Key Key
Data Traffic
Pay to Terry Smith $100.00
One Hundred and xx/100 Dollars
Data Traffic
Decrypt Decrypt
© 2003, Cisco Systems, Inc. All rights reserved. SECUR 1.0—9-19
1. Generate large integer p. Send p to Peer B. Receive q. Generate g.
2. Generate private key XA
5. Generate shared secret number ZZ = YB^ XA mod p
2. Generate private key XB
3. Generate public key YA = g ^ XA mod p
3. Generate public key YB = g ^ XB mod p
4. Send public key YA 4. Send public key YB
5. Generate shared secret number ZZ = YA^ XB mod p
6. Generate shared secret key from ZZ (DES, 3DES, or AES)
6. Generate shared secret key from ZZ (DES, 3DES, or AES)
Peer BPeer A
1. Generate large integer q. Send q to Peer A. Receive p. Generate g.
DH Key Exchange
© 2003, Cisco Systems, Inc. All rights reserved. SECUR 1.0—9-20
RSA Encryption
Key Key
Remote’spublic key
Remote’sprivate key
KJklzeAidJfdlwiej47DlItfd578MNSbXoE
Local Remote
Pay to Terry Smith $100.00
One Hundred and xx/100 Dollars
Pay to Terry Smith $100.00
One Hundred and xx/100 DollarsDecryptEncrypt
© 2003, Cisco Systems, Inc. All rights reserved. SECUR 1.0—9-21
Pay to Terry Smith $100.00
One Hundred and xx/100 Dollars
Encryption Algorithms
Encryption algorithms
• DES
• 3DES
• AES
• RSA
Key
Decryption key
Pay to Terry Smith $100.00
One Hundred and xx/100 Dollars
4ehIDx67NMop9eRU78IOPotVBn45TR
Decrypt
Key
Encryption key
Encrypt
© 2003, Cisco Systems, Inc. All rights reserved. SECUR 1.0—9-22
Data Integrity
Pay to Terry Smith $100.00
One Hundred and xx/100 Dollars
Pay to Alex Jones $1000.00
One Thousand and xx/100 Dollars
Yes, I am
Alex Jones
4ehIDx67NMop9 12ehqPx67NMoX
Match = No changesNo match = Alterations
Internet
© 2003, Cisco Systems, Inc. All rights reserved. SECUR 1.0—9-23
HMAC
Pay to Terry Smith $100.00
One Hundred and xx/100 Dollars
4ehIDx67NMop9
Message + hash
Variable-length input message
Shared secret key
Hashfunction
4ehIDx67NMop9
Pay to Terry Smith $100.00
One Hundred and xx/100 Dollars
Local
1
Received message
Hashfunction
4ehIDx67NMop9
Pay to Terry Smith $100.00
One Hundred and xx/100 Dollars
Shared secret key
Remote
2
© 2003, Cisco Systems, Inc. All rights reserved. SECUR 1.0—9-24
Hashfunction
Pay to Terry Smith $100.00
One Hundred and xx/100 Dollars
Pay to Terry Smith $100.00
One Hundred and xx/100 Dollars
4ehIDx67NMop9 4ehIDx67NMop9
HMAC Algorithms
HMAC algorithms
• HMAC-MD5
• HMAC-SHA-1
© 2003, Cisco Systems, Inc. All rights reserved. SECUR 1.0—9-25
Internet
Digital Signatures
Pay to Terry Smith $100.00
One Hundred and xx/100 Dollars
Pay to Terry Smith $100.00
One Hundred and xx/100 Dollars
4ehIDx67NMop9
Hashalgorithm
Hashalgorithm
Encryptionalgorithm
Encryptionalgorithm
Hash
Decryptionalgorithm
Decryptionalgorithm Hash
Privatekey Public
key
Local Remote
Pay to Terry Smith $100.00
One Hundred and xx/100 Dollars
4ehIDx67NMop9
Hash
Match
© 2003, Cisco Systems, Inc. All rights reserved. SECUR 1.0—9-26
Peer Authentication
Peer authentication methods:• Pre-shared keys
• RSA signatures
• RSA encrypted nonces
HR servers
Peerauthentication
Remote officeCorporate Office
Internet
© 2003, Cisco Systems, Inc. All rights reserved. SECUR 1.0—9-27
Pre-Shared Keys
Authenticating hash (Hash_L)
+ ID Information
Local Peer
Hash
Auth. Key
Remote Router
Computedhash (Hash)
Hash
Receivedhash
(Hash_L)
=
+ ID Information
Auth. Key
Internet
© 2003, Cisco Systems, Inc. All rights reserved. SECUR 1.0—9-28
RSA Signatures
Encryptionalgorithm
Encryptionalgorithm
Hash_I
Decryptionalgorithm
Decryptionalgorithm Hash_I
Privatekey
Publickey
Local Remote
Hash
=
+ ID Information
Hash
Auth. key
Digitalsignature
Digitalsignature
+ ID Information
Hash
Auth. key
1
2
Digitalcert +
Digitalcert
Internet
© 2003, Cisco Systems, Inc. All rights reserved. SECUR 1.0—9-29
RSA Encrypted Nonces
Authenticating hash (Hash_I)
+ ID Information
Local Remote
Hash
Computedhash
(Hash_I)
Hash
Receivedhash
(Hash_I)
=
+ ID Information
Auth. key
Internet
Auth. key
© 2003, Cisco Systems, Inc. All rights reserved. SECUR 1.0—9-30
IPSec Protocol Framework
© 2003, Cisco Systems, Inc. All rights reserved. SECUR 1.0—9-31
IPSec Security Protocols
The Encapsulating Security Payload provides the following:• Encryption
• Authentication
• Integrity
All data in clear textRouter A Router B
Data payload is encryptedRouter A Router B
The Authentication Header provides the following:
• Authentication
• Integrity
Authentication Header
Encapsulating Security Payload
© 2003, Cisco Systems, Inc. All rights reserved. SECUR 1.0—9-32
All data in clear textRouter A Router B
Authentication Header
• Ensures data integrity
• Provides origin authentication (ensures packets definitely came from peer router)
• Uses keyed-hash mechanism
• Does not provide confidentiality (no encryption)
• Provides anti-replay protection
© 2003, Cisco Systems, Inc. All rights reserved. SECUR 1.0—9-33
Authentication data (00ABCDEF)
IP header + data + key
AH Authentication and Integrity
Router A
Router BHash
Re-computedhash
(00ABCDEF)
IP header + data + key
Hash
Receivedhash
(00ABCDEF) =
DataAHIP HDR
DataAHIP HDR
Internet
© 2003, Cisco Systems, Inc. All rights reserved. SECUR 1.0—9-34
Data payload is encryptedRouter A Router B
ESP
• Data confidentiality (encryption)
• Data integrity
• Data origin authentication
• Anti-replay protection
© 2003, Cisco Systems, Inc. All rights reserved. SECUR 1.0—9-35
ESP Protocol
• Provides confidentiality with encryption
• Provides integrity with authentication
Router Router
IP HDR Data
ESP HDRNew IP HDRESP
TrailerESP AuthIP HDR Data
EncryptedAuthenticated
IP HDR Data
Internet
© 2003, Cisco Systems, Inc. All rights reserved. SECUR 1.0—9-36
Modes of Use—Tunnel versus Transport Mode
IP HDR
Encrypted
ESP HDR Data
IP HDR Data
ESP HDR IP HDRNew IP HDR Data
Tunnel mode
Transport mode
ESP Trailer
ESP Auth
ESP Trailer
ESP Auth
Authenticated
EncryptedAuthenticated
© 2003, Cisco Systems, Inc. All rights reserved. SECUR 1.0—9-37
Tunnel Mode
HR servers
Tunnel mode
Remote officeCorporate office
HR servers
Tunnel mode
Corporate officeHome office
Internet
Internet
© 2003, Cisco Systems, Inc. All rights reserved. SECUR 1.0—9-38
IPSec Protocol—Framework
MD5 SHA
IPSec Framework
DES 3DES
DH2DH1
ESP AHIPSec Protocol
Encryption
Diffie-Hellman
Authentication
Choices:
AES
© 2003, Cisco Systems, Inc. All rights reserved. SECUR 1.0—9-39
How IPSec Works
© 2003, Cisco Systems, Inc. All rights reserved. SECUR 1.0—9-40
Five Steps of IPSec
• Interesting Traffic—The VPN devices recognize the traffic to protect.
• IKE Phase 1—The VPN devices negotiate an IKE security policy and establish a secure channel.
• IKE Phase 2—The VPN devices negotiate an IPSec security policy used to protect IPSec data.
• Data transfer—The VPN devices apply security services to traffic and then transmit the traffic.
• Tunnel terminated—The tunnel is torn down.
Host A Host BRouter A Router B
© 2003, Cisco Systems, Inc. All rights reserved. SECUR 1.0—9-41
Step 1—Interesting Traffic
Host A Host BRouter A Router B
10.0.1.3 10.0.2.3Apply IPSec
Bypass IPSec
Send in cleartext
© 2003, Cisco Systems, Inc. All rights reserved. SECUR 1.0—9-42
Step 2—IKE Phase 1
Host A Host BRouter A Router B
10.0.1.3 10.0.2.3IKE Phase 1:main mode exchange
Negotiate thepolicy
DH exchange
Verify the peeridentity
Negotiate thepolicy
DH exchange
Verify the peeridentity
© 2003, Cisco Systems, Inc. All rights reserved. SECUR 1.0—9-43
IKE Transform Sets
Transform 15DESMD5
pre-shareDH1
lifetime
Transform 10DESMD5
pre-shareDH1
lifetime
IKE Policy Sets
Transform 203DESSHA
pre-shareDH1
lifetime
Host A Host BRouter A Router B
10.0.1.3 10.0.2.3Negotiate IKE Proposals
• Negotiates matching IKE transform sets to protect IKE exchange
© 2003, Cisco Systems, Inc. All rights reserved. SECUR 1.0—9-44
Internet
DH Key Exchange
Terry Alexpublic key A
+ private key Bshared secret
key (BA)
Pay to Terry Smith $100.00
One Hundred and xx/100 Dollars
Pay to Terry Smith $100.00
One Hundred and xx/100 Dollars
public key B+ private key A
shared secretkey (AB)=
4ehIDx67NMop9eRU78IOPotVBn45TR
4ehIDx67NMop9eRU78IOPotVBn45TR
Key Key
DecryptEncrypt
© 2003, Cisco Systems, Inc. All rights reserved. SECUR 1.0—9-45
Authenticate Peer Identity
Peer authentication methods
• Pre-shared keys
• RSA signatures
• RSA encrypted nonces
HR servers
Peerauthentication
Remote officeCorporate office
Internet
© 2003, Cisco Systems, Inc. All rights reserved. SECUR 1.0—9-46
Step 3—IKE Phase 2
Host A Host BRouter A Router B
10.0.1.3 10.0.2.3Negotiate IPSec security parameters
© 2003, Cisco Systems, Inc. All rights reserved. SECUR 1.0—9-47
IPSec Transform Sets
• A transform set is a combination of algorithms and protocols that enact a security policy for traffic.
Transform set 55ESP
3DESSHA
TunnelLifetime
Transform set 30ESP
3DESSHA
TunnelLifetime
IPSec Transform Sets
Transform set 40ESPDESMD5
TunnelLifetime
Host A Host BRouter A Router B
10.0.1.3 10.0.2.3Negotiate transform sets
© 2003, Cisco Systems, Inc. All rights reserved. SECUR 1.0—9-48
Security Associations (SA)
SASA Db
• Destination IP address
• SPI
• Protocol (ESP or AH)
Security Policy Db
• Encryption Algorithm
• Authentication Algorithm
• Mode
• Key lifetime
B A N K
192.168.2.1SPI–12
ESP/3DES/SHAtunnel28800
192.168.12.1 SPI–39
ESP/DES/MD5tunnel28800
Internet
© 2003, Cisco Systems, Inc. All rights reserved. SECUR 1.0—9-49
SA Lifetime
Data-based Time-based
© 2003, Cisco Systems, Inc. All rights reserved. SECUR 1.0—9-50
Step 4—IPSec Session
• SAs are exchanged between peers.
• The negotiated security services are applied to the traffic.
Host A Host BRouter A Router B
IPSec session
© 2003, Cisco Systems, Inc. All rights reserved. SECUR 1.0—9-51
Step 5—Tunnel Termination
• A tunnel is terminated
– By an SA lifetime timeout
– If the packet counter is exceeded
• Removes IPSec SA
Host A Host BRouter A Router B
IPSec tunnel
© 2003, Cisco Systems, Inc. All rights reserved. SECUR 1.0—9-52
Configuring IPSec Encryption
© 2003, Cisco Systems, Inc. All rights reserved. SECUR 1.0—9-53
Task 1—Prepare for IKE and IPSec.Task 2—Configure IKE.Task 3—Configure IPSec.
Task 4—Test and Verify IPSec.
Tasks to Configure IPSec Encryption
© 2003, Cisco Systems, Inc. All rights reserved. SECUR 1.0—9-54
Task 1—Prepare for IKE and IPSec
© 2003, Cisco Systems, Inc. All rights reserved. SECUR 1.0—9-55
Task 1—Prepare for IKE and IPSec
Step 1—Determine IKE (IKE phase one) policy.
Step 2—Determine IPSec (IKE phase two) policy.
Step 3—Check the current configuration. show running-configuration
show crypto isakmp policy
show crypto map
Step 4—Ensure the network works without encryption.ping
Step 5—Ensure access lists are compatible with IPSec.show access-lists
© 2003, Cisco Systems, Inc. All rights reserved. SECUR 1.0—9-56
Determine the following policy details: Key distribution method Authentication method IPSec peer IP addresses and hostnames IKE phase 1 policies for all peers
Encryption algorithm Hash algorithm IKE SA lifetime
Goal: Minimize misconfiguration.
Step 1—Determine IKE (IKE Phase One) Policy
© 2003, Cisco Systems, Inc. All rights reserved. SECUR 1.0—9-57
IKE Phase One Policy Parameters
< 86400 seconds86400 secondsIKE SA lifetime
DH Group 2DH Group 1Key exchange
RSA encryption
RSA signaturePre-shared
Authentication method
SHA-1MD5Hash algorithm
3-DESDESEncryption algorithm
StrongerStrongParameter
© 2003, Cisco Systems, Inc. All rights reserved. SECUR 1.0—9-58
IKE Policy Example
E0/1 172.30.1.2
Site 1 Site 2
E0/1 172.30.2.2
A B10.0.1.3 10.0.2.3
InternetRouterA RouterB
172.30.1.2172.30.2.2Peer IP address
86400 seconds86400 secondsIKE SA lifetime
DH Group 1DH Group 1Key exchange
Pre-shared keysPre-shared keysAuthentication method
MD5MD5Hash algorithm
DESDESEncryption algorithm
Site 2Site 1Parameter
© 2003, Cisco Systems, Inc. All rights reserved. SECUR 1.0—9-59
Determine the following policy details: IPSec algorithms and parameters for optimal
security and performance Transforms and, if necessary, transform
sets IPSec peer details IP address and applications of hosts to be
protected Manual or IKE-initiated SAs
Goal: Minimize misconfiguration.
Step 2—Determine IPSec (IKE Phase Two) Policy
© 2003, Cisco Systems, Inc. All rights reserved. SECUR 1.0—9-60
RouterA(config)# crypto ipsec transform-set
transform-set-name ?
ah-md5-hmac AH-HMAC-MD5 transform
ah-sha-hmac AH-HMAC-SHA transformesp-3des ESP transform using 3DES(EDE) cipher (168
bits)esp-des ESP transform using DES cipher (56 bits)esp-md5-hmac ESP transform using HMAC-MD5 authesp-sha-hmac ESP transform using HMAC-SHA authesp-null ESP transform w/o cipher
Cisco IOS software supports the following IPSec transforms:
IPSec Transforms Supported in Cisco IOS Software
© 2003, Cisco Systems, Inc. All rights reserved. SECUR 1.0—9-61
IPSec Policy Example
E0/1 172.30.1.2
Site 1 Site 2
E0/1 172.30.2.2
A B10.0.1.3 10.0.2.3
InternetRouterA RouterB
Ipsec-isakmpIpsec-isakmpSA establishment
TCPTCPTraffic (packet) type to be encrypted
10.0.2.310.0.1.3Hosts to be encrypted
172.30.1.2172.30.2.2Peer IP address
RouterARouterBPeer hostname
ESP-DES, tunnelESP-DES, tunnelTransform set
Site 2Site 1Policy
© 2003, Cisco Systems, Inc. All rights reserved. SECUR 1.0—9-62
Identify IPSec Peers
Cisco router
Remote user withCisco VPN Client
Other vendor’s IPSec peers
Cisco router
CiscoPIX Firewall
CA server
© 2003, Cisco Systems, Inc. All rights reserved. SECUR 1.0—9-63
Step 3—Check Current Configuration
show crypto isakmp policy • View default and any configured IKE phase one policies.
RouterA# show crypto isakmp policyDefault protection suite encryption algorithm: DES - Data Encryption Standard (56 bit keys) hash algorithm: Secure Hash Standard authentication method: Rivest-Shamir-Adleman Signature Diffie-Hellman Group: #1 (768 bit) lifetime: 86400 seconds, no volume limit
router#
show running-config • View router configuration for existing IPSec policies.
router#172.30.1.2
Site 1 Site 2
172.30.2.2
A B10.0.1.3 10.0.2.3
InternetRouterA RouterB
© 2003, Cisco Systems, Inc. All rights reserved. SECUR 1.0—9-64
Step 3—Check Current Configuration (cont.)
show crypto map• View any configured crypto maps.
router#
RouterA# show crypto mapCrypto Map "mymap" 10 ipsec-isakmp Peer = 172.30.2.2 Extended IP access list 102 access-list 102 permit ip host 172.30.1.2 host 172.30.2.2 Current peer: 172.30.2.2 Security association lifetime: 4608000 kilobytes/3600 seconds PFS (Y/N): N
Transform sets={ mine, }
172.30.1.2
Site 1 Site 2
172.30.2.2
A B10.0.1.3 10.0.2.3
InternetRouterA RouterB
© 2003, Cisco Systems, Inc. All rights reserved. SECUR 1.0—9-65
Step 3—Check Current Configuration (cont.)
show crypto ipsec transform-set• View any configured transform sets.
router#
RouterA# show crypto ipsec transform-set mine Transform set mine: { esp-des } will negotiate = { Tunnel, },
172.30.1.2 172.30.2.2
Site 1 Site 2
A B10.0.1.3 10.0.2.3
InternetRouterA RouterB
© 2003, Cisco Systems, Inc. All rights reserved. SECUR 1.0—9-66
Step 4—Ensure the Network Works
RouterA# ping 172.30.2.2
Cisco router
Remote user withCisco Unified
VPN client
Other vendor’s IPSec peers
Cisco RouterB172.30.2.2
Cisco PIX Firewall
CA server
Cisco RouterA172.30.1.2
© 2003, Cisco Systems, Inc. All rights reserved. SECUR 1.0—9-67
Step 5—Ensure Access Lists are Compatible with IPSec
RouterA# show access-lists access-list 102 permit ahp host 172.30.2.2 host 172.30.1.2access-list 102 permit esp host 172.30.2.2 host 172.30.1.2access-list 102 permit udp host 172.30.2.2 host 172.30.1.2 eq isakmp
IKEAH
ESP
• Ensure protocols 50 and 51, and UDP port 500 traffic are not blocked at interfaces used by IPSec.
E0/1 172.30.1.2
Site 1 Site 2
E0/1 172.30.2.2
A B10.0.1.3 10.0.2.3
InternetRouterA RouterB
© 2003, Cisco Systems, Inc. All rights reserved. SECUR 1.0—9-68
Task 2—Configure IKE
© 2003, Cisco Systems, Inc. All rights reserved. SECUR 1.0—9-69
Task 2—Configure IKE
Step 1—Enable or disable IKE.crypto isakmp enable
Step 2—Create IKE policies.crypto isakmp policy
Step 3—Configure pre-shared keys.crypto isakmp key
Step 4—Verify the IKE configuration.show crypto isakmp policy
© 2003, Cisco Systems, Inc. All rights reserved. SECUR 1.0—9-70
Step 1—Enable or Disable IKE
RouterA(config)# no crypto isakmp enable RouterA(config)# crypto isakmp enable
• Globally enables or disables IKE at your router.
• IKE is enabled by default.
• IKE is enabled globally for all interfaces at the router.
• Use the no form of the command to disable IKE.
• An ACL can be used to block IKE on a particular interface.
router(config)#
[no] crypto isakmp enable
172.30.1.2
Site 1 Site 2
172.30.2.2
A B10.0.1.3 10.0.2.3
InternetRouterA RouterB
© 2003, Cisco Systems, Inc. All rights reserved. SECUR 1.0—9-71
Step 2—Create IKE Policies
crypto isakmp policy priority
• Defines an IKE policy, which is a set of parameters used during IKE negotiation.
• Invokes the config-isakmp command mode.
router(config)#
RouterA(config)# crypto isakmp policy 110
172.30.1.2
Site 1 Site 2
172.30.2.2
A B10.0.1.3 10.0.2.3
InternetRouterA RouterB
© 2003, Cisco Systems, Inc. All rights reserved. SECUR 1.0—9-72
Create IKE Policies with the crypto isakmp Command
• Defines the parameters within the IKE policy 110.
crypto isakmp policy priority
router(config)#
Site 1 Site 2
172.30.2.2
A B10.0.1.3 10.0.2.3
InternetRouterA RouterB
RouterA(config)# crypto isakmp policy 110RouterA(config-isakmp)# authentication pre-shareRouterA(config-isakmp)# encryption desRouterA(config-isakmp)# group 1RouterA(config-isakmp)# hash md5RouterA(config-isakmp)# lifetime 86400
Policy 110DESMD5
Pre-Share86400
Tunnel
© 2003, Cisco Systems, Inc. All rights reserved. SECUR 1.0—9-73
IKE Policy Negotiation
crypto isakmp policy 100 hash md5 authentication pre-sharecrypto isakmp policy 200 authentication rsa-sig hash shacrypto isakmp policy 300 authentication pre-share hash md5
• The first two policies in each router can be successfully negotiated while the last one can not.
RouterA(config)# RouterB(config)#crypto isakmp policy 100 hash md5 authentication pre-sharecrypto isakmp policy 200 authentication rsa-sig hash shacrypto isakmp policy 300 authentication rsa-sig hash md5
Site 1 Site 2
A B10.0.1.3 10.0.2.3
InternetRouterA RouterB
© 2003, Cisco Systems, Inc. All rights reserved. SECUR 1.0—9-74
Step 3—Configure ISAKMP Identity
router(config)#
crypto isakmp identity {address | hostname}
• Defines whether ISAKMP identity is done by IP address or hostname.
• Use consistently across ISAKMP peers.
Site 1 Site 2
172.30.1.2 172.30.2.2
A B10.0.1.3 10.0.2.3
InternetRouterA RouterB
© 2003, Cisco Systems, Inc. All rights reserved. SECUR 1.0—9-75
Step 3—Configure Pre-Shared Keys
RouterA(config)# crypto isakmp key cisco1234 address 172.30.2.2
• Assigns a keystring and the peer address.
• The peer’s IP address or host name can be used.
router(config)#
crypto isakmp key keystring address peer-address
crypto isakmp key keystring hostname hostname
router(config)#
Pre-shared keyCisco1234
Site 1 Site 2
172.30.2.2
A B10.0.1.3 10.0.2.3
InternetRouterA RouterB
© 2003, Cisco Systems, Inc. All rights reserved. SECUR 1.0—9-76
Step 4—Verify the IKE Configuration
RouterA# show crypto isakmp policyProtection suite of priority 110 encryption algorithm: DES - Data Encryption Standard (56 bit keys). hash algorithm: Message Digest 5 authentication method: Pre-Shared Key Diffie-Hellman group: #1 (768 bit) lifetime: 86400 seconds, no volume limitDefault protection suite encryption algorithm: DES - Data Encryption Standard (56 bit keys). hash algorithm: Secure Hash Standard authentication method: Rivest-Shamir-Adleman Signature Diffie-Hellman group: #1 (768 bit) lifetime: 86400 seconds, no volume limit
• Displays configured and default IKE policies.
Site 1 Site 2
A B10.0.1.3 10.0.2.3
InternetRouterA RouterB
© 2003, Cisco Systems, Inc. All rights reserved. SECUR 1.0—9-77
Task 3—Configure IPSec
© 2003, Cisco Systems, Inc. All rights reserved. SECUR 1.0—9-78
Step 1—Configure transform set suites.crypto ipsec transform-set
Step 2—Configure global IPSec SA lifetimes.crypto ipsec security-association lifetime
Step 3—Create crypto access lists.access-list
Task 3—Configure IPSec
© 2003, Cisco Systems, Inc. All rights reserved. SECUR 1.0—9-79
Step 4—Create crypto maps.crypto map
Step 5—Apply crypto maps to interfaces.interface serial0
crypto map
Task 3—Configure IPSec (cont.)
© 2003, Cisco Systems, Inc. All rights reserved. SECUR 1.0—9-80
Step 1—Configure Transform Set Suites
© 2003, Cisco Systems, Inc. All rights reserved. SECUR 1.0—9-81
Configure Transform Sets
crypto ipsec transform-set transform-set-name transform1 [transform2 [transform3]]router(cfg-crypto-trans)#
• A transform set is a combination of IPSec transforms that enact a security policy for traffic.
• Sets are limited to up to one AH and up to two ESP transforms.
router(config)#
RouterA(config)# crypto ipsec transform-set mine des
Site 1 Site 2
A B10.0.1.3 10.0.2.3
InternetRouterA RouterB
Mineesp-desTunnel
© 2003, Cisco Systems, Inc. All rights reserved. SECUR 1.0—9-82
Transform Set Negotiation
• Transform sets are negotiated during IKE phase two.
transform-set 10 esp-3des tunnel
transform-set 20 esp-des, esp-md5-hmac tunnel
transform-set 30 esp-3des, esp-sha-hmac tunnel
transform-set 40 esp-des tunnel
transform-set 50 esp-des, ah-sha-hmac tunnel
transform-set 60 esp-3des, esp-sha-hmac tunnel
Match
Site 1 Site 2
A B10.0.1.3 10.0.2.3
InternetRouterA RouterB
© 2003, Cisco Systems, Inc. All rights reserved. SECUR 1.0—9-83
Step 2—Configure Global IPSec Security Association
Lifetimes
© 2003, Cisco Systems, Inc. All rights reserved. SECUR 1.0—9-84
crypto ipsec security-association lifetime Command
• Configures global IPSec SA lifetime values used when negotiating IPSec security associations.
• IPSec SA lifetimes are negotiated during IKE phase two.
• Can optionally configure interface specific IPSec SA lifetimes in crypto maps.
• IPSec SA lifetimes in crypto maps override global IPSec SA lifetimes.
crypto ipsec security-association lifetime {seconds seconds | kilobytes kilobytes}
router(config)#
Site 1 Site 2
A B10.0.1.3 10.0.2.3
InternetRouterA RouterB
RouterA(config)# crypto ipsec security-association lifetime 86400
© 2003, Cisco Systems, Inc. All rights reserved. SECUR 1.0—9-85
Global Security Association Lifetime Examples
RouterA(config)# crypto ipsec security-association lifetime kilobytes 1382400
• When a security association expires, a new one is negotiated without interrupting the data flow.
RouterA(config)# crypto ipsec security-association lifetime seconds 2700
© 2003, Cisco Systems, Inc. All rights reserved. SECUR 1.0—9-86
Step 3—Create Crypto ACLs
© 2003, Cisco Systems, Inc. All rights reserved. SECUR 1.0—9-87
Purpose of Crypto Access Lists
• Outbound—Indicate the data flow to be protected by IPSec.
• Inbound—filter out and discard traffic that should have been protected by IPSec.
EncryptBypass (clear text)
Outboundtraffic
Inboundtraffic
PermitBypass (clear text)
Site 1
A
InternetRouterA
© 2003, Cisco Systems, Inc. All rights reserved. SECUR 1.0—9-88
Extended IP Access Lists for Crypto Access Lists
access-list access-list-number [dynamic dynamic-name [timeout minutes]] {deny | permit} protocol source source-wildcard destination destination-wildcard [precedence precedence][tos tos] [log]
router(config)#
• Define which IP traffic will be protected by crypto.
• Permit = encrypt / Deny = do not encrypt.
RouterA(config)# access-list 110 permit tcp 10.0.1.0 0.0.0.255 10.0.2.0 0.0.0.255
Site 1 Site 2
A B10.0.1.3 10.0.2.3
InternetRouterA RouterB
10.0.1.0 10.0.2.0Encrypt
© 2003, Cisco Systems, Inc. All rights reserved. SECUR 1.0—9-89
RouterA(config)# access-list 110 permit tcp 10.0.1.0 0.0.0.255 10.0.2.0 0.0.0.255
RouterB(config)# access-list 101 permit tcp 10.0.2.0 0.0.0.255 10.0.1.0 0.0.0.255
Configure Symmetrical Peer Crypto Access Lists
• You must configure mirror image ACLs.
E0/1 172.30.1.2
Site 1 Site 2
E0/1 172.30.2.2
A B10.0.1.3 10.0.2.3
InternetRouterA RouterB
© 2003, Cisco Systems, Inc. All rights reserved. SECUR 1.0—9-90
Step 4—Create Crypto Maps
© 2003, Cisco Systems, Inc. All rights reserved. SECUR 1.0—9-91
Purpose of Crypto Maps
Crypto maps pull together the various parts configured for IPSec, including• Which traffic should be protected by IPSec.
• The granularity of the traffic to be protected by a set of SAs.
• Where IPSec-protected traffic should be sent.
• The local address to be used for the IPSec traffic.
• What IPSec type should be applied to this traffic.
• Whether SAs are established (manually or via IKE).
• Other parameters needed to define an IPSec SA.
© 2003, Cisco Systems, Inc. All rights reserved. SECUR 1.0—9-92
Crypto Map Parameters
Crypto maps define the following:• The access list to be used.
• Remote VPN peers.
• Transform-set to be used.
• Key management method.
• Security-association lifetimes.
Cryptomap
Routerinterface
Encrypted traffic
Site 1 Site 2
A B10.0.1.3 10.0.2.3
InternetRouterA RouterB
© 2003, Cisco Systems, Inc. All rights reserved. SECUR 1.0—9-93
crypto map map-name seq-num ipsec-manual
crypto map map-name seq-num ipsec-isakmp [dynamic dynamic-map-name]
router(config)#
• Use a different sequence number for each peer.
• Multiple peers can be specified in a single crypto map for redundancy.
• One crypto map per interface
Configure IPSec Crypto Maps
Site 1 Site 2
A B10.0.1.3 10.0.2.3
InternetRouterA RouterB
RouterA(config)# crypto map mymap 110 ipsec-isakmp
© 2003, Cisco Systems, Inc. All rights reserved. SECUR 1.0—9-94
Example Crypto Map Commands
RouterA(config)# crypto map mymap 110 ipsec-isakmpRouterA(config-crypto-map)# match address 110RouterA(config-crypto-map)# set peer 172.30.2.2RouterA(config-crypto-map)# set peer 172.30.3.2RouterA(config-crypto-map)# set pfs group1RouterA(config-crypto-map)# set transform-set mineRouterA(config-crypto-map)# set security-association lifetime 86400
• Multiple peers can be specified for redundancy.
Site 1 Site 2
172.30.2.2
A B10.0.1.3 10.0.2.3
RouterA RouterB
172.30.3.2
B
RouterC
Internet
© 2003, Cisco Systems, Inc. All rights reserved. SECUR 1.0—9-95
Step 5—Apply Crypto Maps to Interfaces
© 2003, Cisco Systems, Inc. All rights reserved. SECUR 1.0—9-96
RouterA(config)# interface ethernet0/1RouterA(config-if)# crypto map mymap
• Apply the crypto map to outgoing interface
• Activates the IPSec policy
Applying Crypto Maps to Interfaces
E0/1 172.30.1.2
Site 1 Site 2
E0/1 172.30.2.2
A B10.0.1.3 10.0.2.3
InternetRouterA RouterB
mymap
router(config-if)#
crypto map map-name
© 2003, Cisco Systems, Inc. All rights reserved. SECUR 1.0—9-97
IPSec Configuration Examples
RouterA# show running configcrypto ipsec transform-set mine esp-des!crypto map mymap 10 ipsec-isakmpset peer 172.30.2.2set transform-set minematch address 110!interface Ethernet 0/1ip address 172.30.1.2 255.255.255.0no ip directed-broadcastcrypto map mymap!access-list 110 permit tcp 10.0.1.0 0.0.0.255 10.0.2.0 0.0.0.255
E0/1 172.30.1.2
Site 1 Site 2
E0/1 172.30.2.2
A B10.0.1.3 10.0.2.3
InternetRouterA RouterB
RouterB# show running configcrypto ipsec transform-set mine esp-des!crypto map mymap 10 ipsec-isakmpset peer 172.30.1.2set transform-set minematch address 101!interface Ethernet 0/1ip address 172.30.2.2 255.255.255.0no ip directed-broadcastcrypto map mymap!access-list 101 permit tcp 10.0.2.0 0.0.0.255 10.0.1.0 0.0.0.255
© 2003, Cisco Systems, Inc. All rights reserved. SECUR 1.0—9-98
Task 4—Test and Verify IPSec
© 2003, Cisco Systems, Inc. All rights reserved. SECUR 1.0—9-99
Task 4—Test and Verify IPSec
• Display your configured IKE policies.
show crypto isakmp policy
• Display your configured transform sets.
show crypto ipsec transform set
• Display the current state of your IPSec SAs.
show crypto ipsec sa
© 2003, Cisco Systems, Inc. All rights reserved. SECUR 1.0—9-100
Task 4—Test and Verify IPSec (cont.)
• Display your configured crypto maps.
show crypto map
• Enable debug output for IPSec events.
debug crypto ipsec
• Enable debug output for ISAKMP events.
debug crypto isakmp
© 2003, Cisco Systems, Inc. All rights reserved. SECUR 1.0—9-101
show crypto isakmp policy Command
show crypto isakmp policy
RouterA# show crypto isakmp policy Protection suite of priority 110 encryption algorithm: DES - Data Encryption Standard (56 bit keys). hash algorithm: Message Digest 5 authentication method: Rivest-Shamir-Adleman Encryption Diffie-Hellman group: #1 (768 bit) lifetime: 86400 seconds, no volume limitDefault protection suite encryption algorithm: DES - Data Encryption Standard (56 bit keys). hash algorithm: Secure Hash Standard authentication method: Rivest-Shamir-Adleman Signature Diffie-Hellman group: #1 (768 bit) lifetime: 86400 seconds, no volume limit
router#
Site 1 Site 2
A B10.0.1.3 10.0.2.3
InternetRouterA RouterB
© 2003, Cisco Systems, Inc. All rights reserved. SECUR 1.0—9-102
show crypto ipsec transform-set
• View the currently defined transform sets.
RouterA# show crypto ipsec transform-set Transform set mine: { esp-des }
will negotiate = { Tunnel, },
show crypto ipsec transform-set Command
router#
E0/1 172.30.1.2
Site 1 Site 2
E0/1 172.30.2.2
A B10.0.1.3 10.0.2.3
InternetRouterA RouterB
© 2003, Cisco Systems, Inc. All rights reserved. SECUR 1.0—9-103
show crypto ipsec sa Command
show crypto ipsec sa
RouterA# show crypto ipsec sainterface: Ethernet0/1
Crypto map tag: mymap, local addr. 172.30.1.2 local ident (addr/mask/prot/port): (172.30.1.2/255.255.255.255/0/0) remote ident (addr/mask/prot/port): (172.30.2.2/255.255.255.255/0/0) current_peer: 172.30.2.2 PERMIT, flags={origin_is_acl,} #pkts encaps: 21, #pkts encrypt: 21, #pkts digest 0 #pkts decaps: 21, #pkts decrypt: 21, #pkts verify 0 #send errors 0, #recv errors 0 local crypto endpt.: 172.30.1.2, remote crypto endpt.: 172.30.2.2 path mtu 1500, media mtu 1500 current outbound spi: 8AE1C9C
router#E0/1 172.30.1.2
Site 1 Site 2
E0/1 172.30.2.2
A B10.0.1.3 10.0.2.3
InternetRouterA RouterB
© 2003, Cisco Systems, Inc. All rights reserved. SECUR 1.0—9-104
show crypto map Command
RouterA# show crypto mapCrypto Map "mymap" 10 ipsec-isakmp
Peer = 172.30.2.2 Extended IP access list 102 access-list 102 permit ip host 172.30.1.2 host 172.30.2.2 Current peer: 172.30.2.2 Security association lifetime: 4608000 kilobytes/3600 seconds PFS (Y/N): N Transform sets={ mine, }
show crypto map
• View the currently configured crypto maps.
router#E0/1 172.30.1.2
Site 1 Site 2
E0/1 172.30.2.2
A B10.0.1.3 10.0.2.3
InternetRouterA RouterB
© 2003, Cisco Systems, Inc. All rights reserved. SECUR 1.0—9-105
debug crypto Commands
debug crypto ipsec
• Displays debug messages about all IPSec actions.
debug crypto isakmp
• Displays debug messages about all ISAKMP actions.
router#
router#
© 2003, Cisco Systems, Inc. All rights reserved. SECUR 1.0—9-106
%CRYPTO-6-IKMP_SA_NOT_AUTH: Cannot accept Quick Mode exchange from %15i if SA is not authenticated!
• ISAKMP SA with the remote peer was not authenticated.
%CRYPTO-6-IKMP_SA_NOT_OFFERED: Remote peer %15i responded with attribute [chars] not offered or changed
• ISAKMP peers failed protection suite negotiation for ISAKMP.
Crypto System Error Messages for ISAKMP
© 2003, Cisco Systems, Inc. All rights reserved. SECUR 1.0—9-107
Overview of Configuring IPSec Manually
© 2003, Cisco Systems, Inc. All rights reserved. SECUR 1.0—9-108
Setting Manual Keys withsecurity-association Commands
set security-association inbound|outbound ah spihex-key-string
set security-association inbound|outbound esp spi cipherhex-key-string [authenticator hex-key-string]
• Specifies inbound or outbound SA.• Sets Security Parameter Index (SPI) for the SA.• Sets manual AH and ESP keys:
– ESP key length is 56 bits with DES, 168 with 3DES.– AH HMAC key length is 128 bits with MD5, 160 bits with SHA.
• SPIs should be reciprocal for IPsec peer.
router(config-crypto-map)#
© 2003, Cisco Systems, Inc. All rights reserved. SECUR 1.0—9-109
Overview of Configuring IPSec for RSA Encrypted Nonces
© 2003, Cisco Systems, Inc. All rights reserved. SECUR 1.0—9-110
Tasks to Configure IPSec for RSA Encryption
Task 1—Prepare for IPSec.
Task 2—Configure RSA keys.
Task 3—Configure IKE.
Task 4—Configure IPSec.
Task 5—Test and verify IPSec.
© 2003, Cisco Systems, Inc. All rights reserved. SECUR 1.0—9-111
Task 2—Configure RSA Keys
Step 1—Plan for RSA keys.
Step 2—Configure the router’s host name and domain name.hostname name
ip domain-name name
Step 3—Generate RSA keys.crypto key generate rsa usage keys
© 2003, Cisco Systems, Inc. All rights reserved. SECUR 1.0—9-112
Task 2—Configure RSA Keys (cont.)
Step 4—Enter peer RSA public keys.crypto key pubkey-chain
crypto key pubkey-chain rsa
addressed-key key address
named-key key name
key-string
© 2003, Cisco Systems, Inc. All rights reserved. SECUR 1.0—9-113
Task 2—Configure RSA Keys (cont.)
Step 5—Verify key configuration.show crypto key mypubkey rsa
show crypto key pubkey-chain rsa
Step 6—Manage RSA keys.crypto key zeroize rsa
© 2003, Cisco Systems, Inc. All rights reserved. SECUR 1.0—9-114
Summary
© 2003, Cisco Systems, Inc. All rights reserved. SECUR 1.0—9-115
Summary
• Cisco supports the following IPSec standards: AH, ESP, DES, 3DES, MD5, SHA, RSA signatures, IKE (also known as ISAKMP), DH, and CAs.
• There are five steps to IPSec: interesting traffic, IKE phase 1, IKE phase 2, IPSec encrypted traffic, and tunnel termination.
• IPSec SAs consist of a destination address, SPI, IPSec transform, mode, and SA lifetime value.
• Define the detailed crypto IKE and IPSec security policy before beginning configuration.
• Ensure router access lists permit IPSec traffic.
© 2003, Cisco Systems, Inc. All rights reserved. SECUR 1.0—9-116
Summary (cont.)
• IKE policies define the set of parameters used during IKE negotiation.
• Transform sets determine IPSec transform and mode.
• Crypto access lists determine traffic to be encrypted.
• Crypto maps pull together all IPSec details and are applied to interfaces.
• Use show and debug commands to test and troubleshoot.
• IPSec can also be configured manually or using encrypted nonces.
© 2003, Cisco Systems, Inc. All rights reserved. SECUR 1.0—9-117
Lab Exercise
© 2003, Cisco Systems, Inc. All rights reserved. SECUR 1.0—9-118
Lab Visual Objective
172.30.Q.0172.30.P.0
STUDENT PC
.2
.2
STUDENT PC
ROUTER
WEB/FTPCSACS
WEB/FTPCSACS
.1
.2
.2
ROUTER
.1
REMOTE: 10.1.P.12LOCAL: 10.0.P.12
REMOTE: 10.1.Q.12LOCAL: 10.0.Q.12
10.0.P.0 10.0.Q.0
PODS 1-5 PODS 6-10
.10WEBFTP
WEBFTP
.10
172.26.26.0.150
.50
WEBFTP
RBB
.100
RTS
.100
RTS