Virtual Private Networks
Quick Start
10-100
24. Exit to the global configuration mode context. Configure a remote ID list
that contains authentication information for remote peers. If you are using
preshared keys for authentication, associate the preshared key with the
peer. You can optionally associate a peer with the IKE policy and crypto
map entry that should be used with that peer.
For the remote ID, you can specify:
•
any (often used for multiple mobile users):
Syntax: crypto ike remote-id any [preshared-key <preshared key>] [ike-
policy <policy number>] [crypto map <mapname> <map sequence>]
•
IP address:
Syntax: crypto ike remote-id address <peer A.B.C.D> [preshared-key <pre-
shared key>] [ike-policy <policy number>] [crypto map <mapname> <map
sequence>]
•
fully-qualified domain name (FQDN):
Syntax: crypto ike remote-id fqdn <peer FQDN> [preshared-key <preshared
key>] [ike-policy <policy number>] [crypto map <mapname> <map
sequence>]
•
email address:
Syntax: crypto remote-id user-fqdn <peer email address> [preshared-key
<preshared key>] [ike-policy <policy number>] [crypto map <mapname>
<map sequence>]
•
distinguished name (with digital certificates only):
Syntax: crypto ike remote-id asn1-dn <distinguished name> [ike-policy <pol-
icy number>] [crypto map <mapname> <map sequence>]
Use the wildcard character (*) to make the remote ID entry apply to
multiple mobile users. This allows you to use the same IKE policy to
respond to all mobile users.
25. Apply the crypto map to the WAN interface that connects to the Internet.
Move to the logical interface configuration mode context and enter:
Syntax: crypto map <mapname>
For example:
ProCurve(config)# int ppp 1
ProCurve(config-ppp 1)# crypto map VPN