AppendixB Site-to-Site VPN User Interface Reference
Create VPN Wizard
B-28
User Guide for CiscoSecurity Manager3.0.1
OL-8214-02
VRF Aware IPSec TabUse the VRF-Aware IPSec tab on the Edit Endpoints dialog box to configure a
VRF-Aware IPSec policy on a hub in your hub-and-spoke VPN topology. When
youselect the row in the Endpoints table that contains the required hub device (the
IPSec Aggregator), and click Edit, the VRF Aware IPSec tab opens. You can
configure VRF-Aware IPSec as a one-box or two-box solution.
Note • In a VPN topology with two hubs, you must configure VRF-AwareIPSec on
both devices.
•Youcannot configure VRF-Aware IPSec on a device that belongs to another
VPN topology in which VRF-Aware IPSec isnot configured.
FWSM Inside VLAN The VLAN which serves as the inside interface to the Firewall
Services Module (FWSM).
If required, click Select to open a dialog box that lists all available
interfaces, and sets of interfaces defined by interface roles, and in
which you can make your selection, or create interface role objects.
For more information, see Interface Roles Page, pageC-126.
FWSM Blade Fromthe list of availableblades, select the blade number to which
the selected FWSM inside VLAN interface is connected.
Security Context If the selected FWSM inside VLAN is part of a security context,
specify its name in this field. The name is case-sensitive.
You can partition an FWSM into multiple virtual firewalls, known
as security contexts. A security context is an independent virtual
firewall that has its own security policy, interfaces, and
administrators. Youcan define security contexts when you import a
Catalyst 6500/7600 device into the Security Manager inventory.
For more information, see Security Contexts Page, pageC-475.
OK button Saves yourchanges locally onthe client and closes the dialog box.
Cancel button Closes the dialog box without saving your changes.
Help button Opens help for this tab.
TableB-10 Edit Endpoints Dialog Box> FWSM Tab (continued)
Element Description