1. Manuals
  2. Brands
  3. Cisco Manuals
  4. Network Router
  5. 851-K9 - 851 Integrated Services Router
  6. Configuration manual

Configure The Ipsec Crypto Method And Parameters - Cisco CISCO851-K9 - 851 Integrated Services Router Configuration Manual

Access routers
Hide thumbs
Table of Contents

Advertisement

Configure the IPSec Crypto Method and Parameters

Perform these steps to specify the IPSec transform set and protocols, beginning in global configuration
mode:
Command or Action
Step 1
crypto ipsec transform-set transform-set-name
transform1 [transform2] [transform3]
[transform4]
Example:
Router(config)# crypto ipsec transform-set
vpn1 esp-3des esp-sha-hmac
Router(config)#
Step 2
crypto ipsec security-association lifetime
{seconds seconds | kilobytes kilobytes}
Example:
Router(config)# crypto ipsec
security-association lifetime seconds 86400
Router(config)#
With manually established security associations, there is no negotiation with the peer, and both sides
Note
must specify the same transform set.
Configure the IPSec Crypto Method and Parameters
A dynamic crypto map policy processes negotiation requests for new security associations from remote
IPSec peers, even if the router does not know all the crypto map parameters (for example, IP address).
Perform these steps to configure the IPSec crypto method, beginning in global configuration mode:
Command or Action
Step 1
crypto dynamic-map dynamic-map-name
dynamic-seq-num
Example:
Router(config)# crypto dynamic-map dynmap 1
Router(config-crypto-map)#
Step 2
set transform-set transform-set-name
[transform-set-name2...transform-set-name6]
Example:
Router(config-crypto-map)# set
transform-set vpn1
Router(config-crypto-map)#
Cisco 850 Series and Cisco 870 Series Access Routers Software Configuration Guide
6-8
Chapter 6
Configuring a VPN Using Easy VPN and an IPSec Tunnel
Purpose
Defines a transform set—an acceptable
combination of IPSec security protocols and
algorithms.
See the
Cisco IOS Security Command Reference
for detail about the valid transforms and
combinations.
Specifies global lifetime values used when IPSec
security associations are negotiated.
See the
Cisco IOS Security Command Reference
for details.
Purpose
Creates a dynamic crypto map entry and enters
crypto map configuration mode.
See the
Cisco IOS Security Command Reference
for more detail about this command.
Specifies which transform sets can be used with
the crypto map entry.
OL-5332-01
Show Quick Links

Hide quick links:

Advertisement

Table of Contents
loading

Related Manuals for Cisco CISCO851-K9 - 851 Integrated Services Router

Related Content for Cisco CISCO851-K9 - 851 Integrated Services Router

This manual is also suitable for:

Cisco876-sec-i-k9 - 876 security bundle routerCisco877-k9 - 877 integrated services routerCisco877-sec-k9 - 877 security bundle routerCisco857w-g-a-k9 - 857w integrated services routerCisco878-k9 - 878 g.shdsl sec routerCisco878-k9-rf - 878 integrated services router ... Show all

Table of Contents