Cisco Cisco Packet Data Gateway (PDG) Guia De Resolução De Problemas
Crypto Template Configuration Mode Commands
payload ▀
Cisco ASR 5000 Series Command Line Interface Reference ▄
OL-22947-02
payload
Creates a new, or specifies an existing, crypto template payload and enters the Crypto Template Payload Configuration
Mode.
Mode.
Product
PDIF
Privilege
Security Administrator, Administrator
Syntax
Removes a currently configured crypto template payload.
Specifies the name of a new or existing crypto template payload.
must be from 1 to 127 alpha and/or
numeric characters.
Filters IPSec Child Security Association creation requests for subscriber calls using this payload. Further
filtering can be performed by applying the following:
filtering can be performed by applying the following:
: Configures this payload to be applicable to IPSec Child Security Association requests for IPv4.
: Configures this payload to be applicable to IPSec Child Security Association requests for IPv6.
Usage
Use this command to create a new or enter an existing crypto template payload. The payload mechanism is a
means of associating parameters for the Security Association (SA) being negotiated.
Two payloads are required: one each for MIP and IKEv2. The first payload is used for establishing the initial
Child SA Tunnel Inner Address (TIA) which will be torn down. The second payload is used for establishing
the remaining Child SAs. Note that if there is no second payload defined with home-address as the
means of associating parameters for the Security Association (SA) being negotiated.
Two payloads are required: one each for MIP and IKEv2. The first payload is used for establishing the initial
Child SA Tunnel Inner Address (TIA) which will be torn down. The second payload is used for establishing
the remaining Child SAs. Note that if there is no second payload defined with home-address as the
then no MIP call can be established, just a Simple IP call.
Currently, the only available match is for ChildSA, although other matches are planned for future releases.
Omitting the second match parameter for either IPv4 or IPv6 will make the payload applicable to all IP
address pools.
Crypto Template Payload Configuration Mode commands are defined in the Crypto Template Payload
Configuration Mode Commands chapter.
Omitting the second match parameter for either IPv4 or IPv6 will make the payload applicable to all IP
address pools.
Crypto Template Payload Configuration Mode commands are defined in the Crypto Template Payload
Configuration Mode Commands chapter.
Example
The following command configures a crypto template payload called
The following command configures a crypto template payload called
and enters the Crypto Template
Payload Configuration Mode: