You want to secure rlogin sessions from the system Dog (10.2.2.2)
to the system Cat (10.4.4.4) using manual keys. There is
no configuration for rlogin sessions from Cat to Dog; these sessions
will use the default host IPSec policy and pass in clear text.
Dog Configuration |
 |
The ipsec_config batch file on Dog contains only one host IPSec policy. No
IKE policy or authentication record is required because you are
using manual keys.
add host rlog_dog_to_cat -source 10.2.2.2 \
-destination 10.4.4.4/32/RLOGIN \
-action ESP_AES128_HMAC_SHA1 \
-in ESP/2500004/\
0x0123456789012345678901234567890123456789/\
0x12345678901234567890123456789012 \
-out ESP/2500003/\
0x1234567890123456789012345678901234567890/\
\0x12345678901234567890123456789012
Cat Configuration |
|
The ipsec_config batch file on Cat is the mirror image of the batch file on
Dog. The administrator created the batch file by copying the batch
file from Dog and swapping the source and destination option names (-source and -dst), and swapping the inbound and outbound SA option names
(-in and -out).
add host rlog_dog_to_cat -destination 10.2.2.2 \
-source 10.4.4.4/32/RLOGIN \
-action ESP_AES128_HMAC_SHA1 \
-out ESP/2500004/\
0x0123456789012345678901234567890123456789/\
0x12345678901234567890123456789012 \
-in ESP/2500003/\
0x1234567890123456789012345678901234567890/\
\0x12345678901234567890123456789012
Printable version
