Cisco Cisco Packet Data Gateway (PDG)
Service Configurations
▀ WSG Service Configuration to Support IPSec
▄ IPSec Reference, StarOS Release 17
98
ocsp – Enables Online Certificate Store Protocol (OCSP) requests from the crypto map/template.
payload – Creates a new, or specifies an existing, crypto template payload and enters the Crypto Template
Payload Configuration Mode.
peer network – Configures a list of allowed peer addresses on this crypto template.
remote-secret-list – Configures Remote Secret List.
whitelist – Enables use of a whitelist file.
You must create a crypto template before creating the WSG service that enables the SecGW.
Creating a WSG Service
Execute the following command sequence to move to the Wireless Security Gateway Configuration Mode:
config
context context_name
wsg-service service_name
bind address ip_address crypto-template template_name
deployment-mode { remote-access | site-to-site }
ip { access-group acl_list_name | address pool name pool_name
ipv6 { access-group acl_list_name | address prefix-pool pool_name
pre_fragment mtu size
The following command sequence sets the lookup priority:
config
wsg-lookup
priority priority_level source-netmask subnet_size destination netmask
subnet_size
subnet_size
For additional information, see the WSG-Service Configuration Mode Commands and the WSG Lookup Priority List
Configuration Mode chapters of the Command Line Interface Reference.
Configuration Mode chapters of the Command Line Interface Reference.