SIMULATION - //IMG// //IMG//

As a network administrator you are tasked with configuring a FlexVPN site-to-site GRE/IPsec tunnel. The two sites use Cisco IOS routers and support the FlexVPN framework. The router at Site B is preconfigured. You must use the IKEv2 configuration blocks to accomplish this task. - Configure a point-to-point GRE tunnel on the router and use interface Ethernet0/0 as the tunnel source (Use tunnel 0 for this purpose). Configure 10.1.1.1/24 as the IP address on the tunnel interface. Verify that you are able to ping across the GRE tunnel. - Configure an IKEv2 proposal, and make sure that the tunnel uses the following parameters: - Encryption algorithm: AES 128 - Integrity algorithm: SHA1 - Diffie-Hellman group: 5 - Configure an IKEv2 key ring, with the local pre-shared key $SiteA and remote pre-shared key $SiteB. - Configure an IKEv2 profile for pre-shared key authentication. Make sure that you use the FQDN SiteA.cisco.com as the local IKE identity of the router. The peer router is configured to send an identity of SiteB.cisco.com. - Create an IPsec profile named default. Reference the IKEv2 profile in the IPsec profile. - Enable encryption on the GRE tunnel, and do not use a crypto map. Verify that the IKEv2 tunnel is up and passing traffic by making sure that you can ping across the tunnel. Use show commands to verify that the tunnel is using the correct encryption and integrity algorithms and that traffic is encrypted/decrypted.