C H A P T E R 4

Configuring the ISA and ISM

This chapter contains the information and procedures needed to configure the ISA or the ISM in the Cisco 7100 series VPN routers and Cisco 7200 series routers. This chapter contains the following sections:

Overview, page 4-1

Using the EXEC Command Interpreter, page 4-2

Enabling MPPE, page 4-2

Configuring IKE, page 4-3

Configuring IPSec, page 4-4

Creating Crypto Maps, page 4-7

Applying Crypto Maps to Interfaces, page 4-9

Verifying Configuration, page 4-9

IPSec Example, page 4-12

Overview

On power up if the enabled LED is on, the ISA or the ISM is fully functional and does not require any configuration commands. However, for the ISA or the ISM to provide encryption services, you must complete the steps in the following sections:

Enabling MPPE, page 4-2(required)

Configuring IKE, page 4-3(required)

Configuring IPSec, page 4-4(required)

Creating Crypto Maps, page 4-7(required)

Optionally, you can configure Certification Authority (CA) interoperability (refer to the “Configuring Certification Authority Interoperability” chapter in the Security Configuration Guide publication).

The ISA or the ISM provides encryption services for any interface in Cisco 7100 series and Cisco 7200 series routers. If you have previously configured IPSec on the router and you install an ISA or an ISM, the ISA or the ISM automatically performs encryption services.

Note There are no interfaces to configure on the ISA or the ISM.

Integrated Services Adapter and Integrated Services Module Installation and Configuration

 

OL-3575-01 B0

4-1

 

 

 

Page 37
Image 37
Cisco Systems SM-ISM, SA-ISA manual Configuring the ISA and ISM, Overview