Table of Contents
Advertisement
Command Reference Guide
match address <name>
Use the match address command to assign an IP access control list (ACL) to a crypto map definition. The
ACL designates the IP packets to be encrypted by this crypto map. Use the no form of this command to
delete an IP ACL. Refer to
creating ACLs.
Syntax Description
<name>
Default Values
By default, no IP ACLs are defined.
Command History
Release 4.1
Functional Notes
Crypto map entries do not directly contain the selectors used to determine which data to secure. Instead,
the crypto map entry refers to an ACL. An ACL is assigned to the crypto map using the match address
command. If no ACL is configured for a crypto map, then the entry is incomplete and will have no effect on
the system.
For a complete list of all extended ACL configuration commands, refer to the
Control List Command Set on page
The entries of the ACL used in a crypto map should be created with respect to traffic sent by the ADTRAN
product. The source information must be the local ADTRAN product and the destination must be the peer.
Only extended ACLs can be used in crypto maps.
Usage Examples
The following example shows setting up an ACL (called NewList) and then assigning the new list to a
crypto map (called NewMap):
(config)#ip access-list extended NewList
Configuring New Extended ACL "NewList"
(config-ext-nacl)#exit
(config)#crypto map NewMap 10 ipsec-ike
(config-crypto-map)#match address NewList
60000CRG0-35E
ip access-list extended <ipv4 acl name> on page 982
Specifies the name of the ACL you wish to assign to this crypto map.
Command was introduced.
Copyright © 2012 ADTRAN, Inc.
3126.
Crypto Map IKE Command Set
for more information on
IPv4 Access
3921
Advertisement
Table of Contents
