Preshared Key | 3D Innovations 3.0.1 specs

Appendix B Site-to-Site VPN User Interface Reference

		Site to Site VPN Policies
Table B-18	VPN Global Settings Page > General Settings Tab (continued)

Element		Description

Enable Split Tunneling		When selected (the default), enables you to configure split tunneling
		in your VPN topology.
		Split tunneling enables you to transmit both secured and unsecured
		traffic on the same interface. Split tunneling requires that you
		specify exactly which traffic will be secured and what the
		destination of that traffic is, so that only the specified traffic enters
		the IPSec tunnel, while the rest is transmitted unencrypted across
		the public network.

Enable Spoke-to-Spoke		Supported on PIX 7.0 and ASA devices.
Connectivity through the Hub		When selected, enables direct communication between spokes in a

		hub-and-spoke VPN topology, in which the hub is an ASA/PIX 7.0
		device.

Enable Default Route		Supported on Cisco IOS routers and Catalyst 6500/7600 devices.
		When selected, the device uses the configured external interface as
		the default outbound route for all incoming traffic.

Save button		Saves your changes to the server but keeps them private.
		Note To publish your changes, click the Submit button on the
		toolbar.

Close button		Closes the Site-to-Site VPN window.

Help button		Opens help for this tab.

Preshared Key Page

Use the Preshared Key page to view or edit the parameters for a preshared key policy.

For information about Preshared Key policies, see Understanding Preshared Key Policies, page 9-74.

Note A preshared key policy is not available when configuring Easy VPN.

		User Guide for Cisco Security Manager 3.0.1
		User Guide for Cisco Security Manager 3.0.1
	OL-8214-02			B-53
	OL-8214-02			B-53

Image 53

3D Innovations 3.0.1 appendix Preshared Key

Contents

Site-to-Site VPN User Interface Reference Working with VPN Topologies, Understanding VPN Topologies, B-37 VPN SummaryB-3 and Peers Page, page B-7 Configuring VRF-Aware IPSec Settings, Configuring High Availability in Your VPN Topology,Configuring an IKE Proposal, Configuring IPSec Proposals, Topology. See IKE Proposal Page, page B-37 Understanding IPSec Technologies and Policies,See IPSec Proposal Page, page B-39 B-53 IPSec Tab, page B-28 See GRE Modes Page, page B-59High Availability Page, page B-34 Managing VPN Devices in Device View, Peers Topology. See Device Selection Page, page B-10 Create VPN Wizard Name and Technology Editing a VPN Topology, Device SelectionDefining a Name and IPSec Technology, B-10 Navigation Path Page, page B-9 Endpoints See VPN Interface Tab, page B-17 B-34 Tab, page B-24See Edit Endpoints Dialog Box, page B-16 Edit Endpoints Dialog Box VPN Interface Tab Information, see Interface Roles Page, page C-126 Procedure for Configuring a Vpnsm or VPN SPA Blade, More information, see Interface Roles Page, page C-126 IP Address for IPSec Termination -To enter manually the IP Cisco IOS Routers, More information, see Configuring Dialer Interfaces on Box, page B-32 Defining VPN Services Module Vpnsm or VPN SPA Settings VPN SPA Blade, For more information, see Adding VPN SPA Slot Locations IP Address for IPSec Termination-To enter manually the IP Protected Networks Tab Table B-9 Edit Endpoints Dialog Box Protected Networks Tab Fwsm Tab More information, see Editing Access Control List ObjectsMore information, see Editing Interface Role Objects, Information, see Editing Network/Host Objects, Table B-10 Edit Endpoints Dialog Box Fwsm Tab For more information, see Interface Roles Page, page C-126 VRF Aware IPSec Tab Table B-11 Edit Endpoints Dialog Box VRF Aware IPSec Tab IPSec Two-Box Solution, Solution, Routers C-126 Summary page. See VPN Summary Page, page B-3 Dial Backup Settings Dialog Box Table B-12 Dial Backup Settings Dialog Box High Availability Table B-13 Create VPN wizard High Availability For more information, see Enabling Stateful Failover, Policy configured. See VPN Summary Page, page B-3 IKE Proposal Site to Site VPN Policies More information, see IKE Proposal Dialog Box, page C-123 Site-to-Site VPN Policies in Policy View,Understanding Preshared Key Policies, C-123 IPSec ProposalIKE, For more information, see About Crypto Maps, Shared Site-to-Site VPN Policies in Policy View, For more information, see About Transform Sets, IPSec Transform Sets Page, page C-130 To Use, Element Description ISAKMP/IPSec Settings Tab VPN Global Settings For more information, see About IKE Keepalive, Configuring VPN Global Settings, See Understanding IKE, Appendix B Site-to-Site VPN User Interface Reference VPN Global Settings Page, page B-44 Understanding NAT, NAT Settings Tab NAT, For more information, see About NAT Traversal, General Settings Tab For more information, see Understanding Fragmentation Select the required setting for the DF bit Preshared Key Table B-19 Preshared Key Element Description Negotiation Method Public Key Infrastructure Attributes, Working with PKI Enrollment Objects,C-140 GRE Modes FlexConfig see Working with FlexConfigs, Table B-21 GRE Modes Page GRE or GRE Dynamic IP Policy GRE?, OL-8214-02 Configuring Cisco IOS Router Interfaces, OL-8214-02 For more information, see Prerequisites for Successful Configuration of GRE, Element Description Preshared Key Policies, Interfaces, For more information, see Configuring Cisco IOS Router Easy VPN IPSec Proposal Understanding Easy VPN, For more information, see Understanding NAT, More information, see Working with AAA Server Group Objects Device Access Policies,Group Objects, For more information, see Editing User Group Objects, User Group PolicyWorking with User Group Objects, Tunnel Group Policy PIX 7.0/ASA Tunnel Group Policy General Tab For more information, see Working with ASA User Groups Client Address Assignment Network/Host Objects, Tunnel Group Policy IPSec Tab For more information, see Supported AAA Server Types Tunnel Group Policy Advanced Tab More information, see Working with Interface Role Objects Tunnel Group Policy PIX 7.0/ASA Tunnel Group Policy Client VPN Software Update Tab Client Connection Characteristics Table B-29 Easy VPN Remote Client Connection Characteristics Working with Site-to-Site VPN Policies, About Locking in Site-to-Site VPN Topologies, For more information, see Deleting a VPN Topology, See Site to Site VPN Policies, page B-37For more information, see About Editing a VPN Topology OL-8214-02 OL-8214-02