3. Add a peer to the list of peers in the group, using the set peer command.
Specify the peer's name or address.
●
Optionally enter an index number, specifying the relative position of the peer within the
●
peer-group. If you do not enter an index number, the peer is added at the end of the
peer-group list, and is assigned an index following the last peer's index.
G350-001(config-peer-grp:NY-VPN-group)# set peer 149.49.52.135 1
Done!
4. Repeat step 3 for every peer you wish to add to the list.
Note:
You can define up to a maximum of five peers in a peer-group.
Note:
!
Important:
Each of the peers listed in the peer-group must be configured as an ISAKMP
Important:
peer (see
Configuring crypto maps
A crypto map points to a transform-set and to a peer (which in turn points to an ISAKMP policy).
If you defined a peer-group, the crypto map can point to the peer-group.
The transform-set and ISAKMP policy define how to secure the traffic that matches the ip-rule
that points to this crypto map.
!
Important:
It is mandatory to create at least one crypto map.
Important:
Note:
You can configure up to 50 crypto maps.
Note:
To configure a crypto map:
1. Use the crypto map command, followed by an index number between 1 and 50, to enter
the context of a crypto map (and to create the crypto map if it does not exist).
G350-001# crypto map 1
G350-001(config-crypto:1)#
2. Enter a description for the crypto map, using the description command.
G350-001(config-crypto:1)# description "vpn lincroft branch"
Done!
Configuring ISAKMP peer information
Configuring a site-to-site IPSec VPN
on page 371).
Issue 1.1 June 2005
375