Table of Contents
Advertisement
Chapter 17
IP Security
Add or Edit Crypto Map: General
Name of IPSec Policy
Description
Sequence Number
Security Association Lifetime
OL-4015-12
Change general crypto map parameters in this window. This window contains the
following fields.
A read-only field that contains the name of the policy in which this crypto map is
used. This field does not appear if you are using the Crypto Map Wizard.
Enter or edit a description of the crypto map in this field. This description appears
in the VPN Connections list, and it can be helpful in distinguishing this crypto
map from others in the same IPSec policy.
A number that, along with the IPSec policy name, is used to identify a connection.
Cisco SDM generates a sequence number automatically. You can enter your own
sequence number if you wish.
IPSec security associations use shared keys. These keys, and their security
associations time out together. There are two lifetimes: a timed lifetime and a
traffic-volume lifetime. The security association expires when the first of these
lifetimes is reached.
You can use this field to specify a different security association lifetime for this
crypto map than the lifetime that is specified globally. In the Kilobytes field, you
can specify the lifetime in the number of kilobytes sent, up to a maximum of
4608000. In the HH:MM:SS fields, you can specify the lifetime in hours, minutes,
and seconds. You can also specify both a timed and a traffic-volume lifetimes. If
both are specified, the lifetime will expire when the first criterion has been
satisfied.
Cisco Router and Security Device Manager 2.5 User's Guide
IPSec Policies
17-5
Advertisement
Table of Contents
Troubleshooting
