Cisco Cisco Packet Data Interworking Function (PDIF) Guía Para Resolver Problemas
IP Security
▀ Implementing IPSec for PDN Access Applications
▄ Cisco ASR 5000 Series Enhanced Feature Configuration Guide
OL-22983-01
Implementing IPSec for PDN Access Applications
This section provides information on the following topics:
In covering these topics, this section assumes that ISAKMP crypto maps are configured/used as opposed to manual
crypto maps.
crypto maps.
How the IPSec-based PDN Access Configuration Works
The following figure and the text that follows describe how sessions accessing a PDN using IPSec are processed by the
system.
system.
Figure 21. IPSec PDN Access Processing
Core service
or
HA
Security
Gateway
Packet Data
Network
IPSec Tunnel
Source Ctx.
Services
Local Ctx.
Destination
Ctx.
Context
(Ctx.)
(Ctx.)
Interface
Service or
Configuration
(Cfg.
Configuration
(Cfg.
Crypto ACL
P
D
N
D
N
Transform
Set(s)
ISAKMP
Policy(ies)
ISAKMP
Crypto
Map
9
6
7
8
1
2
5
4
3