Cisco identifies four main steps in configuring encryption on their encryption-enabled routers:

  1. Cisco generates the router's DSS public and private keys.
  2. DSS public keys are exchanged.
  3. Cisco defines global encryption policy.
  4. Cisco configures its per-session encryption policy.