ISAKMP and IPSec Rookie question

I have a tech wanting to help implement a site-to-site VPN for us. He asked
about our topology and then says

"We will build an ISAKMP and IPSec policy once we have this information and
forward you that policy so you can setup on your end"

In English, what does that mean?

I don't want to look totally in the dark...

The link below will give you the jist of things. Ipsec can be configured to
secure traffic in tunnel mode between two gateways. I don't know exactly how
your setup will be whether it is between two routers or what. Generally you
will need a way for both ends to authenticate to each other which usually is
a common pre shared key [PSK] or computer certificate. After that each
endpoint needs to know the IP address of the other endpoint, the local lan
subnet that the other end of the tunnel, possibly a SID, and encryption and
authentication protocols used such as 3DES and SHA1 for ESP which will be
used to encrypt the data. Good luck. --- Steve

http://www.microsoft.com/windows2000...ipsecsteps.asp
http://support.microsoft.com/default...b;en-us;816514

"Fredly" <(E-Mail Removed)> wrote in message
news:(E-Mail Removed)...
>I have a tech wanting to help implement a site-to-site VPN for us. He
>asked
> about our topology and then says
>
> "We will build an ISAKMP and IPSec policy once we have this information
> and
> forward you that policy so you can setup on your end"
>
> In English, what does that mean?
>
> I don't want to look totally in the dark...
>
>
>

Fredly,

An ISAKMP policy refers to the configuration settings used for the Main Mode
or Phase 1 negotiation. During this phase of the negotiation the peer
machines authenticate each other and exchange the security algorithms they
want to used to set up a secure "channel" for the Phase 2 or Quick Mode
negotiation.

An IPsec policy refers to the configuration settings used for the Quick
Mode/Phase 2 negotiation. During this phase the actual traffic is secured.

As mentioned, these configuration settings are security related
settings -such as authentication method, encryption and integrity algorithms
etc.

--
Louise Bowman
(MSFT)
This posting is provided "AS IS" with no warranties, and confers no rights.
"Fredly" <(E-Mail Removed)> wrote in message
news:(E-Mail Removed)...
> I have a tech wanting to help implement a site-to-site VPN for us. He
asked
> about our topology and then says
>
> "We will build an ISAKMP and IPSec policy once we have this information
and
> forward you that policy so you can setup on your end"
>
> In English, what does that mean?
>
> I don't want to look totally in the dark...
>
>
>