Virtual Private Networks
Quick Start
10-94
•
email address:
Syntax: crypto ike remote-id user-fqdn <peer email address> [preshared-
key <preshared key>] [ike-policy <policy number>] [crypto map <mapname>
<map sequence>]
•
distinguished name (with digital certificates only):
Syntax: crypto ike remote-id asn1-dn <distinguished name> [ike-policy <pol-
icy number>] [crypto map <mapname> <map sequence>]
You can use the * wildcard character to configure a remote ID that
matches multiple remote peers.
22. Apply the crypto map to the WAN interface that connects to the Internet.
Move to the logical interface configuration mode context and enter:
Syntax: crypto map <mapname>
For example:
ProCurve(config)# int ppp 1
ProCurve(config-ppp 1)# crypto map VPN
The local and remote gateways must also somehow exchange routing infor-
mation. You can use BGP to communicate routes to your ISP, which then
tunnels them to the remote router. (See Chapter 15: IP Routing—Configur-
ing RIP, OSPF, BGP, and PBR.) You can also tunnel a multicast routing
protocol such as RIP or OSPF through the Internet yourself using a GRE
tunnel. See Chapter 11: Configuring a Tunnel with Generic Routing Encap-
sulation.
Configuring a Client-to-Site VPN
You can print Table 10-32 and fill it out with the settings for your VPN. You can
then use the worksheet to complete the quick start commands.