11-13
Cisco Router and Security Device Manager 2.5 User’s Guide
OL-4015-12
Chapter11 Site-to-Site VPN
Create Site to Site VPN
Traffic to Protect
This window lets you define the traffic that this VPN protects. The VPN can
protect traffic between specified subnets, or protect the traffic specified in an
IPSec rule that you select.

Protect All Traffic Between the Following Subnets

Use this option to specify a single source subnet (a sub net on the LAN) whose
outgoing traffic you want to encrypt, and one destination subnet supported by the
peer that you specified in the VPN Connection window.
All traffic flowing between other source and destination pairs will be sent
unencrypted.
Source
Enter the address of the subnet whose outgoing traffic you want to prote ct, and
specify the subnet mask. For more information, refer to Available Interface
Configurations.
All traffic from this source subnet that has a destination IP address on the
destination subnet will be protected.
Destination
Enter the address of the destination subnet, and specify t he mask for that subnet.
You can select a subnet mask from the list, or type in a custom mask. The subnet
number and mask must be entered in dotted decimal format, as shown in the
previous examples.
Edit an existing transform set. Select a transform set, and click Edit. Then, edit the
transform set in the Edit Transform Set window. After editing
the transform set, click Next to continue VPN configuration.
Cisco SDM Default transform sets are read only and cannot
be edited.
Associate additional transform sets
with this VPN.
Select one transform set in this window, and complete the
VPN wizard. Then, associate other transform sets to the VPN
in the Edit tab.
If you want to: Do this: