Cisco Cisco Packet Data Gateway (PDG)
C H A P T E R
5
Sample Basic wsg-service Configuration
This chapter provides a sample basic wsg-service configuration that enables SecGW functionality on an
ASR 9000 VSM CPU.
ASR 9000 VSM CPU.
•
•
•
•
•
WSG Context (StarOS)
config
context wsg
ip access-list one
permit ip 66.66.0.0 0.0.255.255 45.45.0.0 0.0.255.255 protocol 255
exit
exit
ipsec transform-set tselsa-foo
exit
ikev2-ikesa transform-set ikesa-foo
exit
crypto template foo ikev2-dynamic
exit
ikev2-ikesa transform-set ikesa-foo
exit
crypto template foo ikev2-dynamic
authentication local pre-shared-key key foo
authentication remote pre-shared-key key foo
ikev2-ikesa transform-set list ikesa-foo
identity local id-type ip-addr id 33.33.33.3
peer network 55.55.33.30 mask 255.255.255.255
natt
authentication remote pre-shared-key key foo
ikev2-ikesa transform-set list ikesa-foo
identity local id-type ip-addr id 33.33.33.3
peer network 55.55.33.30 mask 255.255.255.255
natt
wsg-service abc
deployment-mode site-to-site
ip access-group one
bind address 33.33.33.30 crypto-template foo
ip access-group one
bind address 33.33.33.30 crypto-template foo
exit
SecGW Administration Guide, StarOS Release 19
45