Answer the following review questions, which delve into some of the key facts and concepts covered in this chapter:
1. Name an advantage and a disadvantage of using preshared keys for authentication.
2. What command do you use to enter a preshared key?
3. How do you view IKE policies in the PIX's configuration?
4. How do you enable IKE for one interface and not for another?
5. How many transforms can be defined in a transform set?
6. How do you configure IPSec security association lifetimes on the PIX Firewall?
7. What command do you use to define the traffic flows to be protected?
8. When are the IPSec SAs initialized with IKE configured?
9. How can you view IKE events as they occur between IPSec peers?
10. Why does IKE fail for preshared keys in the following sample configurations?
Example 17-22 PIX1
crypto isakmp policy 100 authentication rsa-sig group 2 lifetime 5000 crypto isakmp policy 200 hash md5 authentication pre-share crypto isakmp policy 300 authentication rsa-encr lifetime 10000
Example 17-23 PIX2
crypto isakmp policy 100authentication rsa-sig group 2 lifetime 5000 crypto isakmp policy 200 authentication rsa-sig lifetime 10000 crypto isakmp policy 300 hash sha authentication pre-share