Remote Peer ISAKMP Protocol Policy Mode Commands
14-100 Configuring the VPN
Syntax
crypto isakmp peer_address subnet-mask
Syntax
Thenoformofthiscommandremovespoliciesfromaremotepeer:
no crypto isakmp peer peer_address subnet-mask
Mode
Globalconfiguration:XSR(config)#
Next Mode
RemotePeerISAKMPprotocolpolicyconfiguration:XSR(config-isakmp-peer)#
Example
ThefollowingexamplesetstheremotepeersIKEpolicies:
XSR(config)#crypto isakmp peer 192.168.57.9 255.255.255.255
XSR(config-isakmp)#

config-mode

ThiscommandsetsthelocalIKEModeConfigurationrole.WhilenotofficiallyanIETFstandard,
configmodeisthedefactostandardforassigningIPaddresseswithinIKE.
InternetKeyExchange(IKE)ModeConfiguration,asimplementedbymanyvendors,allowsa
gatewaytodownloadanIPaddress(andothernetworklevelconfiguration)totheclientaspartof
IKEnegotiation.Usingthisexchange,thegatewaygivesIPaddressestotheIKEclienttobeused
asaninnerIPaddressencapsulatedunderIPSec.ThismethodprovidesaknownIPaddressforthe
clientthatcanbematchedagainstIPSecpolicy.
WhenconfiguredasaModeConfiggateway,theXSRallocatesanIPaddresstoapeermrequesting
itandwhenconfiguredasaclient,theXSRrequestsanIPaddressfromthegateway.
Syntax
config-mode {client | gateway}
Syntax of the “no” Form
ThenoformofthiscommandresetsIKEconfigurationmodetothedefault:
no config-mode
peer_address PeerʹsIPaddressorIPsubnettowhichthepolicywillbeattached.
subnet-mask Valueusedwiththepeeraddress.
client ActasaConfigurationModeclientwiththispeer.
gateway ActasaConfigurationModeserverwiththispeer.