Cisco Cisco Packet Data Gateway (PDG) Folheto
Crypto Maps
▀ ISAKMP Crypto Map Configuration
▄ Cisco StarOS IP Security (IPSec) Reference
68
ISAKMP Crypto Map Configuration
This section provides instructions for configuring ISAKMP crypto maps.
Important:
This section provides the minimum instruction set for configuring ISAKMP crypto maps on the
system. For more information on commands that configure additional parameters and options, refer to the Context
Configuration Mode Commands and Crypto Map ISAKMP Configuration Mode chapters in the Command Line
Interface Reference.
Configuration Mode Commands and Crypto Map ISAKMP Configuration Mode chapters in the Command Line
Interface Reference.
To configure the ISAKMP crypto maps for IPSec:
Step 1
Step 2
Step 3
Save your configuration to flash memory, an external memory device, and/or a network location using the Exec mode
command save configuration. For additional information on how to verify and save configuration files, refer to the
System Administration Guide and the Command Line Interface Reference.
command save configuration. For additional information on how to verify and save configuration files, refer to the
System Administration Guide and the Command Line Interface Reference.
Configuring ISAKMP Crypto Maps
Use the following example to create the ISAKMP crypto map:
configure
context <ctxt_name>
crypto map <map_name> ipsec-isakmp
set peer <agw_address>
set isakmp preshared-key <isakmp_key>
set mode { aggressive | main }
set pfs { group1 | group2 | group5 }
set transform-set <transform_name>
match address <acl_name> [ preference ]
match crypto-group <group_name> { primary | secondary }
end
Notes:
<ctxt_name>
is the system context in which you wish to create and configure the ISAKMP crypto maps.
<map_name>
is name by which the ISAKMP crypto map will be recognized by the system.