Chapter 17 Configuring Virtual Private Networks

Sample IOS configuration summary

aaanew-model

!

!

aaa authentication login default local aaa authentication login webvpn local aaa authorization exec default local

!

aaa session-id common

!

clock timezone CST -6

clock summer-time CDT recurring

!

crypto pki token default removal timeout 0

!

! Define trustpoints

crypto pki trustpoint iosrcdnvpn-cert enrollment selfsigned serial-number

subject-name cn=iosrcdnvpn-cert revocation-check none rsakeypair iosrcdnvpn-key 1024

!

crypto pki trustpoint CiscoMfgCert enrollment terminal revocation-check none

authorization username subjectname commonname

!

crypto pki trustpoint CiscoRootCA enrollment terminal revocation-check crl

authorization username subjectname commonname

!

!

! Certificates

crypto pki certificate chain iosrcdnvpn-cert certificate self-signed 04

crypto pki certificate chain CiscoMfgCert certificate ca 6A6967B3000000000003

crypto pki certificate chain CiscoRootCA certificate ca 5FF87B282B54DC8D42A315B568C9ADFF

crypto pki certificate chain test certificate ca 00

dot11 syslog

ip source-route

!

!

ip cef

!

!

!

ip domain name nw048b.cisco.com no ipv6 cef

!

multilink bundle-name authenticated

!

!

voice-card 0

!

!

!

license udi pid CISCO2821 sn FTX1344AH76 archive

log config

 

Cisco Unified Communications Manager Security Guide

17-6

OL-24124-01

Page 5 Page 7
Page 6
Image 6
Cisco Systems OL-24124-01 manual 17-6, Aaa new-model
Page 5 Page 7
Top Page Image Contents