Appendix B Site-to-Site VPN User Interface Reference

Create VPN Wizard

Deployment may fail if the IPSec Aggregator is configured with the same keyring CLI command as the existing preshared key (keyring) command, and is not referenced by any other command. In this case, Security Manager does not use the VRF keyring CLI, but generates the keyring with a different name, causing deployment to fail. You must manually remove the preshared key keyring command through the CLI, before you can deploy the configuration.

For more information about creating or editing a VRF-Aware IPSec policy, see Understanding VRF-Aware IPSec, page 9-41.

Navigation Path

You can access the VRF-Aware IPSec tab from the Edit Endpoints dialog box. Open the Edit Endpoints Dialog Box, page B-16, then click the VRF-Aware IPSec tab.

Note Make sure you selected a hub device in the table on the Endpoints Page, page B-13(or tab), before opening the Edit Endpoints dialog box.

Related Topics

Edit Endpoints Dialog Box, page B-16

Configuring VRF-Aware IPSec Settings, page 9-45

Defining the Endpoints and Protected Networks, page 9-18

Field Reference

Table B-11

Edit Endpoints Dialog Box > VRF Aware IPSec Tab

 

 

 

Element

 

Description

 

 

Enable the VRF Settings

Available if you selected more than one device for editing in the

Changes on All Selected Peers

Endpoints page.

 

 

When selected, applies any changes you make in the VRF Settings

 

 

tab to all the selected devices.

 

 

 

 

 

User Guide for Cisco Security Manager 3.0.1

 

 

 

 

 

 

OL-8214-02

 

 

B-29

 

 

 

Page 29
Image 29
3D Innovations 3.0.1 appendix Table B-11 Edit Endpoints Dialog Box VRF Aware IPSec Tab