Cisco Cisco ASR 5000
Exec Mode Commands (A-C)
crypto-group ▀
Command Line Interface Reference, StarOS Release 18 ▄
4049
crypto-group
Allows the manual switchover of redundant IPSec tunnels belonging to a specific crypto group.
Product
PDSN
GGSN
Privilege
Security Administrator, Administrator, Operator
Mode
Exec
The following prompt is displayed in the Exec mode:
[local]host_name#
Syntax
crypto-group name group_name activate { primary | secondary }
name
group_name
Specifies the name of an existing crypto group with which the tunnels to be switched are associated.
activate { primary | secondary }
Allows you to specify which tunnel to activate:
primary
: Switches traffic to the primary tunnel in the group.
secondary
: Switches traffic to the secondary tunnel in the group.
Usage
This command is used in conjunction with the Redundant IPSec Tunnel Fail-over feature.
Use this command to manually switch traffic to a specific tunnel in a crypto group if the automatic
switchover options have been disabled. Refer to the
Use this command to manually switch traffic to a specific tunnel in a crypto group if the automatic
switchover options have been disabled. Refer to the
switchover
command in the Crypto Group
configuration mode for more information.
Example
The following command manually switches user traffic to the secondary tunnel in the crypto group called
group1
:
crypto-group group1 activate secondary