Motorola WS5100 Series Migration Giude page 184

11-26 WS5100 Series Switch Migration Guide
a. Click on
• Assign a
determines its priority among the other crypto maps. The lower the number, the higher the priority.
• Assign the crypto map a
• Use the
domain or host name of the host exchanging identity information.
• Define a
association negotiation.
• Define a
(in kilobytes) has passed through the IPSec tunnel using the security association.
• Use the
selected ACL. This will display the Extended ACL created in step 4 above.
• Use the
received from the peer.
• Use the
enables you to configure pre-shared keys as Radius tunnel attributes for IP Security (IPSec) peers.
• Select SA Per Host
• The Mode Config
Type field in the Add Crypto Maps dialog box.
• Click on
For more details on configuring a IPSec Transform set, refer
page 11-8.
Add button to define the attributes of a new crypto map.
Seq # (sequence number) distinguishes one from the other. The sequence number
Name to differentiate from others with similar configurations.
None, Domain Name or
SA Lifetime (secs) to define an interval (in seconds) that (when expired) forces a new
SA Lifetime (Kb) to time out the security association after the specified amount of traffic
ACL ID drop-down menu to permit a crypto map data flow using the permissions within the
PFS drop-down menu to specify a group to require perfect forward secrecy (PFS) in requests
Mode drop-down menu to specify a mode of
checkbox to create multiple SAs per host for added security.
checkbox option is used to configure a remote VPN. This enables the
OK button to save the new crypto map and display it within the Crypto Map tab.
Host Name radio buttons to select and enter the fully qualified
Main or Aggressive. Aggressive mode
Specifying Traffic to Protect using Crypto ACL on
Remote