Command Reference Guide Global Configuration Mode Command Set
61200510L1-35E Copyright © 2005 ADTRAN 370
Step 8:
Create crypto map. A crypto map is used to define a set of encryption schemes to be used for a given
interface. A crypto map entry has a unique index within the crypto map set. The crypto map entry will
specify whether IKE is used to generate encryption keys or if manually specified keys will be used. The
crypto map entry will also specify who will be terminating the VPN tunnel, as well as which transform set or
sets will be used to encrypt and/or authenticate the traffic on that VPN tunnel. It also specifies the lifetime
of all created IPSec security associations.
(config)#crypto map corporate_vpn 1 ipsec-ike
(config-crypto-map)#match address corporate_traffic
(config-crypto-map)#set peer 63.105.15.129
(config-crypto-map)#set transform-set highly_secure
(config-crypto-map)#set security-association lifetime kilobytes 8000
(config-crypto-map)#set security-association lifetime seconds 28800
(config-crypto-map)#no set pfs
Step 9:
Configure a public interface. This process includes configuring the IP address for the interface and
applying the appropriate crypto map to the interface. Crypto maps are applied to the interface on which
encrypted traffic will be transmitted.
(config)#interface ppp 1
(config-ppp 1)#ip address 63.97.45.57 255.255.255.248
(config-ppp 1)#crypto map corporate_vpn
(config-ppp 1)#no shutdown
Step 10:
Configure a private interface. T his process allo ws all traffic destined fo r th e VPN tunnel to be ro uted to the
appropriat e ga te wa y.
(config)#interface ethernet 0/1
(config-eth 0/1)#ip addres s 10.10.10.254 255.255.255.0
(config-eth 0/1)#no shutdown
(config-eth 0/1)#exit