Virtual Private Networks
Quick Start
Parameters
IPSec SA proposals
transform setname
AH authentication algorithm
ESP encryption
algorithm
ESP authentication algorithm
(optional, unless you select
ESP null)
IPSec SA lifetime type
IPSec SA lifetime in kilobytes
(optional)
IPSec SA lifetime in seconds
(optional)
ACL listname
local VPN network(s)
network in the IKE mode
config pool
hosts in the VPN networks
denied access to the tunnel
(optional)
crypto mapname
crypto map index
number
10-96
Options
• AH
• ESP
• AH and ESP
alphanumeric string
• MD5
• SHA-1
• DES
• 3DES
• AES 128-bit
• AES 192-bit
• AES 256-bit
• None (null)
• MD5
• SHA-1
• kilobytes
• seconds
2560 to 536,870,912 kilobytes
120 to 86,400 seconds
alphanumeric string
range of host addresses
(<A.B.C.D> <wildcard bits>)
first A.B.C.D
last A.B.C.D
• host address (<A.B.C.D>)
• range of host addresses
(<A.B.C.D> <wildcard bits>)
alphanumeric string
0 to 65,535
Obtain Setting From
match peer
—
match peer
match peer
match peer
match peer
match peer
match peer
—
local network address(es) and
subnet mask(s)
network address(es) and
subnet mask(s)
organizational policy
same name for every entry
establishing a connection on
the same interface
different index number for
every entry establishing a
connection to a different site
Your Setting