Cisco Cisco Packet Data Gateway (PDG) Guia De Resolução De Problemas
Context Configuration Mode Commands
crypto map ▀
Cisco ASR 5000 Series Command Line Interface Reference ▄
OL-22947-02
crypto map
Configures the name of the policy and enters either the specified Crypto Map Configuration Mode.
Product
PDSN, HA, GGSN, SCM, P-GW, PDIF
Privilege
Security Administrator, Administrator
Syntax
Removes a previously configured crypto map.
The name by which the crypto map will be recognized by the system.
must be a string of from 1
through 127 alpha and/or numeric characters and is case sensitive.
Creates an IKEv2-IPv6 crypto map and enters the Crypto Map IKEv2-IPv6 Configuration Mode
Creates a dynamic crypto map and/or enters the Crypto Map Dynamic Configuration Mode.
Creates an IKEv1 crypto map and/or enters the Crypto Map IKEv1 Configuration Mode.
Creates a manual crypto map and/or enters the Crypto Map Manual Configuration Mode.
Usage
Crypto Maps define the policies that determine how IPSec is implemented for subscriber data packets. There
are several types of crypto maps supported by the system. They are:
are several types of crypto maps supported by the system. They are:
Manual crypto maps: These are static tunnels that use pre-configured information (including security
keys) for establishment. Because they rely on statically configured information, once created, the
tunnels never expire; they exist until their configuration is deleted.
tunnels never expire; they exist until their configuration is deleted.
Important:
Because manual crypto map configurations require the use of static security keys (associations), they
are not as secure as crypto maps that rely on dynamically configured keys. Therefore, it is recommended that they only
be configured and used for testing purposes.
be configured and used for testing purposes.