Table of Contents
Advertisement
Chapter 17
IP Security
Name
Available Transform Sets
Selected Transform Sets
Transform Set
Name
OL-4015-12
Enter a name for this profile.
This column lists the transform sets configured on this router. To add a transform
set from this list to the Selected Transform Sets column, select a transform set and
click the right arrow (>>) button.
If you need to configure a new transform set, click the Transform Sets node in
the IPSec tree to go to the Transform Sets window. In that window, click Add to
create a new transform set.
This column lists the transform sets that you are using in this profile. You can
select multiple transform sets so that the router you are configuring and the router
at the other end of the tunnel can negotiate which transform set to use.
This screen allows you to view transform sets, add new ones, and edit or remove
existing transform sets. A transform set is a particular combination of security
protocols and algorithms. During the IPSec security association negotiation, the
peers agree to use a particular transform set for protecting a particular data flow.
You can create multiple transform sets and then specify one or more of them in a
crypto map entry. The transform set defined in the crypto map entry will be used
in the IPSec security association negotiation to protect the data flows specified by
that crypto map entry's access list.
During IPSec security association negotiations with IKE, the peers search for a
transform set that is the same at both peers. When that transform set is found, it
is selected and applied to the protected traffic as part of both peers' IPSec security
associations.
Name given to the transform set.
Cisco Router and Security Device Manager 2.5 User's Guide
Transform Set
17-15
Advertisement
Table of Contents
Troubleshooting
