Chapter 13 Configuring a VPN Using Easy VPN and an IPSec Tunnel
Configuration Tasks
Apply the Crypto Map to the Physical Interface
The crypto maps must be applied to each interface through which IP Security (IPSec) traffic flows. Applying the crypto map to the physical interface instructs the router to evaluate all the traffic against the security associations database. With the default configurations, the router provides secure connectivity by encrypting the traffic sent between remote sites. However, the public interface still allows the rest of the traffic to pass and provides connectivity to the Internet.
Perform these steps to apply a crypto map to an interface, beginning in global configuration mode:
SUMMARY STEPS
1.interface type number
2.crypto map map-name
3.exit
DETAILED STEPS
| Command or Action | Purpose |
Step 1 |
|
|
interface type number | Enters the interface configuration mode for the | |
| Example: | interface to which you want the crypto map |
| applied. | |
| Router(config)# interface fastethernet 4 |
|
|
| |
Step 2 |
|
|
crypto map | Applies the crypto map to the interface. | |
| Example: | See Cisco IOS Security Command Reference for |
| more details about this command. | |
| ||
|
| |
|
| |
Step 3 |
|
|
exit | Returns to global configuration mode. | |
| Example: |
|
|
| |
| Router(config)# |
|
|
|
|
Create an Easy VPN Remote Configuration
The router acting as the IPSec remote router must create an Easy VPN remote configuration and assign it to the outgoing interface.
Perform these steps to create the remote configuration, beginning in global configuration mode:
SUMMARY STEPS
1.crypto ipsec client ezvpn name
2.group
3.peer {ipaddress hostname}
| Cisco 819 Integrated Services Routers Software Configuration Guide |
|
|
