Table of Contents
Advertisement
Create Site to Site VPN
What Do You Want to Do?
If you want to:
Select a transform set for the VPN to
use.
Add a transform set to the router's
configuration.
Cisco Router and Security Device Manager 2.5 User's Guide
11-12
AH Authentication
The type of Authentication Header (AH) authentication used. If AH
authentication is not configured for this transform set, this column will be empty.
IP Compression
If IP compression is configured for this transform set, this field contains the value
COMP-LZS.
Note
IP compression is not supported on all routers.
Mode
This column contains one of the following:
Transport—Encrypt data only. Transport mode is used when both endpoints
•
support IPsec. Transport mode places the authentication header or
encapsulated security payload after the original IP header; thus, only the IP
payload is encrypted. This method allows users to apply network services
such as quality-of-service (QoS) controls to encrypted packets.
Tunnel—Encrypt data and IP header. Tunnel mode provides stronger
•
protection than transport mode. Because the entire IP packet is encapsulated
within AH or ESP, a new IP header is attached, and the entire datagram can
be encrypted. Tunnel mode allows network devices such as routers to act as
an IPsec proxy for multiple VPN users.
Type
Either User Defined, or Cisco SDM Default.
Do this:
Select a transform set, and click Next.
Click Add, and create the transform set in the Add Transform
Set window. Then click Next to continue VPN configuration.
Chapter 11
Site-to-Site VPN
OL-4015-12
Advertisement
Table of Contents
Troubleshooting
