An Access Control List policy must be configured in order to allow traffic from the LAN to traverse the IPSec tunnel and communicate with the remote network.

access-list VPN_ACL extended permit ip 10.10.1.0 255.255.255.0 10.10.20.0 255.255.255.0

The transform set combines an encryption and an authentication method. During the IPsec security association negotiation with ISAKMP, the peers agree to use a particular transform set to protect a particular data flow. The transform set must be the same for both peers; in this example we use myset for the name of the transform set.

crypto ipsec transform-set myset esp-aes-256 esp-sha-hmac

Next, a tunnel group must be defined with a tunnel group name (the example uses the peer WAN IP), the LAN-to-LAN type, and IPSec attributes. Also, the pre-shared key (versus implementing a stronger RSA public key) must be created. The key is a string of text used to initialize the IKE tunnel and is configured identically on both firewalls. For example, the string used is SECRET_KEY (a more secure key is recommended).

A Crypto Map must be created to bind all the assorted ACLs, peers, and crypto parameters.

This is an algebraic method for quickly identifying IP address subnetworks, usable hosts, and network intervals using powers of 2 and the CIDR Mask Prefix. If you have questions about the basics of IP addressing, Google can be a great resource, and check out IPv4 in a Nutshell. Also, here is a great site to practice subnetting:

How to find the number of Subnetworks
If Class A Address then, 2^(CIDR - 8 Network Bits) = Subnetworks
If Class B Address then, 2^(CIDR - 16 Network Bits) = Subnetworks
If Class C Address then, 2^(CIDR - 24 Network Bits) = Subnetworks

How to find the number of usable hosts
2^(32 Bits - CIDR) - 2 = Usable Hosts

How to find Subnetwork Interval
If CIDR < 8 then, 2^(8 - CIDR) = Subnetwork Interval
If CIDR < 16 then, 2^(16 - CIDR) = Subnetwork Interval
If CIDR < 24 then, 2^(24 - CIDR) = Subnetwork Interval
If CIDR < 32 then, 2^(32 - CIDR) = Subnetwork Interval

IPv4 Private IP Address Range

Here is a chart for conversion of CIDR:
Class A has 8 Network Bits and 24 Host bits.
Class B has 16 Network Bits and 16 Host bits.
Class C has 24 Network Bits and 8 Host bits.

Question: What is the first valid host on the subnetwork that the node 172.26.21.206 255.255.254.0 belongs to?
Convert the Decimal Mask to CIDR Prefix:
Plug in the CIDR Prefix into the appropriate statement (If CIDR
Plug in the Subnetwork Interval into the IP Address:

Question: How many subnets and hosts per subnet can you get from the network 10.0.0.0 255.255.240.0?
Plug in the CIDR Prefix into the appropriate statement (If Class A Address, then 2^(CIDR - 8) = Subnetworks).
Plug in the appropriate statement (2^(32 Bits - CIDR) - 2 = Usable Hosts).
The Answer is 4,096 Subnetworks and 4092 Usable hosts, since 10.0.0.0 255.255.240.0 reserves 12 bits for network and 12 bits for host (-2 for usable hosts).
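The algebraic method on this page carried through in Python, as an added example that is not part of the original page: it converts the decimal mask to a CIDR prefix, picks the matching subnetwork interval rule, derives the first valid host, and cross-checks the result against Python's ipaddress module. The function names and the host 10.10.1.77 (inside the ACL's 10.10.1.0 LAN) are constructed for illustration.

```python
import ipaddress

def mask_to_cidr(mask: str) -> int:
    """Convert a dotted-decimal mask to a CIDR prefix, rejecting non-contiguous masks."""
    bits = "".join(f"{int(o):08b}" for o in mask.split("."))
    if len(bits) != 32 or "01" in bits:
        raise ValueError(f"not a valid contiguous netmask: {mask}")
    return bits.count("1")

def subnet_interval(cidr: int) -> tuple[int, int]:
    """Return (octet index, interval) from the first 'If CIDR < N' rule that matches."""
    for index, boundary in enumerate((8, 16, 24, 32)):
        if cidr < boundary:
            return index, 2 ** (boundary - cidr)
    raise ValueError("a /32 has no subnetwork interval")

def first_valid_host(ip: str, mask: str) -> str:
    """Floor the interesting octet to a multiple of the interval, zero the rest, add 1."""
    octets = [int(o) for o in ip.split(".")]
    index, interval = subnet_interval(mask_to_cidr(mask))
    octets[index] = octets[index] // interval * interval
    octets[index + 1:] = [0] * (3 - index)
    octets[3] += 1
    return ".".join(map(str, octets))

def classful_subnets(ip: str, cidr: int) -> int:
    """2^(CIDR - default network bits) for the address's class (A=8, B=16, C=24)."""
    first = int(ip.split(".")[0])
    default_bits = 8 if first < 128 else 16 if first < 192 else 24
    if first >= 224 or cidr < default_bits:
        raise ValueError("formula needs a class A-C address and CIDR >= class bits")
    return 2 ** (cidr - default_bits)

def usable_hosts(cidr: int) -> int:
    """2^(32 - CIDR) - 2: the network and broadcast addresses are not assignable."""
    return 2 ** (32 - cidr) - 2

def cross_check(ip: str, mask: str) -> bool:
    """Compare the algebraic result with the standard library's answer."""
    net = ipaddress.ip_network(f"{ip}/{mask}", strict=False)
    return first_valid_host(ip, mask) == str(next(net.hosts()))

if __name__ == "__main__":
    # Inputs: the page's two questions plus one constructed host in the ACL's LAN.
    print(first_valid_host("172.26.21.206", "255.255.254.0"))
    print(classful_subnets("10.0.0.0", mask_to_cidr("255.255.240.0")))
    print(cross_check("10.10.1.77", "255.255.255.0"))
```

The same mask validation is useful before pasting networks into the access-list line, since a mistyped mask changes which traffic the tunnel protects.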