Cisco Cisco Packet Data Gateway (PDG)
Crypto Maps
▀ Dynamic Crypto Map Configuration
▄ IPSec Reference, StarOS Release 16
70
Dynamic Crypto Map Configuration
This section provides instructions for configuring dynamic crypto maps. Dynamic crypto maps should only be
configured in support of L2TP or Mobile IP applications.
configured in support of L2TP or Mobile IP applications.
Important:
This section provides the minimum instruction set for configuring dynamic crypto maps on the
system. For more information on commands that configure additional parameters and options, refer to the Context
Configuration Mode Commands and Crypto Map Dynamic Configuration Mode Commands chapters in the Command
Line Interface Reference.
Configuration Mode Commands and Crypto Map Dynamic Configuration Mode Commands chapters in the Command
Line Interface Reference.
To configure the dynamic crypto maps for IPSec:
Step 1
Step 2
Step 3
Save your configuration to flash memory, an external memory device, and/or a network location using the Exec mode
command save configuration. For additional information on how to verify and save configuration files, refer to the
System Administration Guide and the Command Line Interface Reference.
command save configuration. For additional information on how to verify and save configuration files, refer to the
System Administration Guide and the Command Line Interface Reference.
Configuring Dynamic Crypto Maps
Use the following example to create the dynamic crypto map on your system:
configure
context <ctxt_name>
crypto map <map_name> ipsec-dynamic
set pfs { group1 | group2 | group5 }
set transform-set <transform_name>
end
Notes:
<ctxt_name>
is the system context in which you wish to create and configure the dynamic crypto maps.
<map_name>
is name by which the dynamic crypto map will be recognized by the system.
For more information on parameters, refer to the Crypto Map Dynamic Configuration Mode Commands chapter
in the Command Line Interface Reference.