How to Configure IPsec Virtual Tunnel Interface
- Configuring Static IPsec Virtual Tunnel Interfaces, page 8
- Configuring Dynamic IPsec Virtual Tunnel Interfaces, page 10
- Configuring Per-User Attributes on a Local Easy VPN AAA Server, page 12
Configuring Static IPsec Virtual Tunnel Interfaces
This configuration shows how to configure a static IPsec VTI.
SUMMARY STEPS
1. enable
2. configure terminal
3. crypto IPsec profile profile-name
4. set transform-set transform-set-name
5. interface type number
6. ip address address mask
7. tunnel mode ipsec ipv4
8. tunnel source interface
9. tunnel destination ip-address
10. tunnel protection IPsec profile profile-name [shared]
Configuring Dynamic IPsec Virtual Tunnel Interfaces
This task shows how to configure a dynamic IPsec VTI.
SUMMARY STEPS
1. enable
2. configure terminal
3. crypto IPsec profile profile-name
4. set transform-set transform-set-name
5. interface virtual-template number
6. tunnel mode mode
7. tunnel protection IPsec profile profile-name [shared]
8. exit
9. crypto isakamp profile profile-name
10. virtual-template template-number
Configuring Per-User Attributes on a Local Easy VPN AAA Server
To configure per-user attributes on a local Easy VPN AAA server, perform the following steps.
SUMMARY STEPS
1. enable
2. configure terminal
3. aaa attribute list list-name
4. attribute type name value [service service] [protocol protocol]
5. exit
6. crypto isakmp client configuration group
7. crypto aaa attribute list list-name
http://www.cisco.com/en/US/docs/ios/12_3t/12_3t14/feature/guide/gtIPSctm.html
No comments:
Post a Comment