HP ProCurve 7102dl Reference Manual page 386

SROS Command Line Interface Reference Guide
ip crypto
Use the ip crypto command to enable SROS VPN functionality and allow crypto maps to be added to
interfaces. Use the no form of this command to disable the VPN functionality.
Note Disabling the SROS security features (using the no ip crypto command) does not affect
VPN configuration settings (with the exception of the removal of all crypto maps from the
interfaces). All other configuration parameters will remain intact, and VPN functionality
will be disabled.
For VPN configuration example scripts, refer to the technical support note VPN
Configuration Guide located on the ProCurve SROS Documentation CD provided with
your unit.
Syntax Description
fast-failover
Default Values
By default, all SROS VPN functionality is disabled.
Functional Notes
VPN-related settings will not go into effect until you enable VPN functionality using the ip crypto
command. The SROS allows you to perform all VPN-related configuration prior to enabling ip crypto, with
the exception of assigning a crypto map to an interface. The no ip crypto command removes all crypto
maps from the interfaces. Enabling ip crypto enables the IKE server on UDP port 500. The no form of this
command disables the IKE server on UDP port 500.
Usage Examples
The following example enables VPN functionality:
ProCurve(config)#ip crypto
5991-2114
Optional. This setting is used when the same crypto map is applied to two
different egress interfaces. It allows the quick deletion of IKE and IPSec
SAs when the default route policy-class changes.
© Copyright 2007 Hewlett-Packard Development Company, L.P.
Global Configuration Mode Command Set
384