B-29
User Guide for CiscoSecurity Manager3.0.1
OL-8214-02
AppendixB Site-to-Site VPN User Interface Reference Create VPN Wizard
•Deployment may fail if the IPSec Aggregator is configured with the same
keyringCLI command as the existing preshared key (keyring) command, and
is not referenced by any other command. In this case, Security Manager does
notuse the VRF keyring CLI, but generates the keyring with a different name,
causing deployment to fail. You must manually remove the preshared key
keyring command through the CLI, before you can deploy the configuration.
For more information about creating or editing a VRF-Aware IPSec policy, see
Understanding VRF-Aware IPSec, page9-41.
Navigation Path
You can access the VRF-Aware IPSec tab from the Edit Endpoints dialog box.
Open the Edit Endpoints Dialog Box, pageB-16, then click the VRF-Aware
IPSec tab.
Note Make sure you selected a hub device in the table on the Endpoints Page,
page B-13 (or tab), before opening the Edit Endpoints dialog box.
Related Topics
•Edit Endpoints Dialog Box, page B-16
•Configuring VRF-Aware IPSec Settings, page9-45
•Defining the Endpoints and Protected Networks, page 9-18
Field Reference
TableB-11 Edit Endpoints Dialog Box> VRF Aware IPSec Tab
Element Description
Enable the VRF Settings
Changes on All Selected Peers Available if you selected more than one device for editing in the
Endpoints page.
When selected, applies any changes you make in the VRF Settings
tab to all the selected devices.