Implementing Internet Key Exchange Security Protocol on Cisco IOS XR Software
DETAILED STEPS
Command or Action
Step 1
configure
Example:
RP/0/RP0/CPU0:router# configure
Step 2
crypto isakmp keepalive seconds retry-seconds
[periodic | on-demand]
Example:
RP/0/RP0/CPU0:router(config)# crypto isakmp
keepalive 20 20 on-demand
Step 3
end
or
commit
Example:
RP/0/RP0/CPU0:router(config)# end
or
RP/0/RP0/CPU0:router(config)# commit
OL-20382-01
Purpose
Enters global configuration mode.
Uses the IKE security association (SA) feature to
provide a mechanism to detect loss of connectivity
between two IP Security (IPSec) peers.
•
•
•
Saves configuration changes.
•
•
Cisco IOS XR System Security Configuration Guide for the Cisco CRS-1 Router
How to Configure a Dead Peer Detection Message
Use the seconds argument to specify the number
of seconds between keepalive messages. The
range is from 10 to 3600.
Use the retry-seconds argument to specify the
number of seconds between retries if keepalive
fails. The range is from 2 to 60.
When you issue the end command, the system
prompts you to commit changes:
Uncommitted changes found, commit them
before exiting (yes/no/cancel)?
[cancel]:
Entering yes saves configuration changes to
–
the running configuration file, exits the
configuration session, and returns the
router to EXEC mode.
Entering no exits the configuration session
–
and returns the router to EXEC mode
without committing the configuration
changes.
Entering cancel leaves the router in the
–
current configuration session without
exiting or committing the configuration
changes.
Use the commit command to save the
configuration changes to the running
configuration file and remain within the
configuration session.
SC-143