Table of Contents
Advertisement
IPSec Policies
Note
Enable Reverse Route Injection
Add or Edit Crypto Map: Peer Information Panel
If you want to:
Add a peer to the Current List.
Remove a peer from the Current List.
Add or Edit Crypto Map: Transform Sets Panel
Cisco Router and Security Device Manager Version 2.2 User's Guide
13-32
independently. It thus ensures that if one key is compromised, no other keys will
be. If you enable PFS, you can specify use of the Diffie-Hellman group1, group2,
or group5 method.
If your router does not support group5, it will not appear in the list.
Reverse Route Injection (RRI) is used to populate the routing table of an internal
router running Open Shortest Path First (OSPF) protocol or Routing Information
Protocol (RIP) for remote VPN clients or LAN-to-LAN sessions.
Reverse Route Injection dynamically adds static routes to the clients connected to
the Easy VPN server.
Use this panel to add or edit crypto map peer information. The list of peers
associated with this crypto map is shown in the Current List box. You can add new
peers, remove peers, or edit them. You can specify a peer using either an IP
address or a host name. Multiple peers provide the router with more routing paths.
Do this:
Click Add, and enter the IP address or host name of the peer.
Select the peer, and click Remove.
Use this window to add, edit, and order the transform sets used in the crypto map.
The devices at both ends of the VPN connection must use the same transform set,
and the can negotiate to determine which transform set to use. Configuring
multiple transform sets helps ensure that the router can offer a transform set that
the negotiating peer can agree to use.
Chapter 13
IP Security
OL-4015-08
Advertisement
Table of Contents
Troubleshooting
