Chapter17 IP Security
IPSec Policies
17-2
Cisco Router and Security Device Manager 2.5 User’s Guide
OL-4015-12
Name
The name of this IPSec policy.
Type
One of the following:
ISAKMPIKE will be used to establish the IPSec security associations for
protecting the traffic specified by this crypto map entry. Cisco SDM supports
Internet Security Association and Key Management Protocol (ISAKMP)
crypto maps.
Manual—IKE will not be used to establish the IPSec security associations for
protecting the traffic specified by this crypto map entry.
Cisco SDM does not support the creation of manual crypto maps. C isco SDM
treats as read-only any manual crypto maps that have been created using the
command-line interface (CLI).
Dynamic—Specifies that this crypto map entry is to reference a preexisting
dynamic crypto map. Dynamic crypto maps are policy templa tes used in
processing negotiation requests from a peer IPSec device.
Cisco SDM does not support the creation of dynamic crypto maps. C isco
SDM treats as ready only any dynamic crypto maps created using the CLI.
Crypto Maps in this IPSec policy
Name
The name of the IPSec policy of which the crypto map is a part.
Seq. No.
When an IPSec policy is used in a VPN connection, the combination of the
sequence number and IPSec policy name uniquely identifies the connection.
Peers
This column lists the IP addresses or host names of the peer devices specified in
the crypto map. Multiple peers are separated by commas.
Transform Set
This column lists the transform sets used in the crypto map.