IPSec VPN
4. Crypto Map
5. Crypto List
6. Interface
Overview of IPSec VPN components
The basic IPSec VPN building blocks define how to secure packets, as follows:
ISAKMP policies: Define parameters for IKE phase 1 negotiation
Transform-sets: Define parameters for IKE phase 2 negotiation
Once the building blocks are defined, IPSec VPN is implemented using a crypto list. The crypto
list defines, for the interface to which it applies, which packets should be secured and how, as
follows:
Each rule in the crypto list points to a crypto-map. A crypto-map points to a transform-set, and
to a peer or peer-group. The peer or peer-group, in turn, point to an ISAKMP policy.
IPSec VPN components
The following figure describes the relationships among the various VPN components.
482
Administering Avaya G430 Branch Gateway
Comments? infodev@avaya.com
October 2013