HP 7000 dl Router manual Copyright 2005 Hewlett-Packard Development Company, L.P 818

crypto map <mapname>

Use the crypto map command to associate crypto maps with the interface.

When you apply a map to an interface, you are applying all crypto maps with the given map name. This allows you to apply multiple crypto maps if you have created maps which share the same name but have different map index numbers.

For VPN configuration example scripts, refer to the technical support note

Configuring VPN located on the ProCurve SROS documentation CD provided with your unit.

Syntax Description

Default Values

By default, no crypto maps are assigned to an interface.

Command Modes

Functional Notes

When configuring a system to use both the stateful inspection firewall and IKE negotiation for VPN, keep the following notes in mind.

When defining the policy-class and associated access-control lists (ACLs) that describe the behavior of the firewall, do not forget to include the traffic coming into the system over a VPN tunnel terminated by the system. The firewall should be set up with respect to the un-encrypted traffic that is destined to be sent or received over the VPN tunnel. The following diagram represents typical SROS data-flow logic.