Cisco CISCO876-SEC-I-K9 Configuration Guide - Page 87
crypto map, ip access-list {standard | extended}, permit, Step 5
UPC - 882658021800
View all Cisco CISCO876-SEC-I-K9 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 87 highlights
Chapter 7 Configuring VPNs Using an IPSec Tunnel and Generic Routing Encapsulation Configuration Example Step 5 Command or Action crypto map map-name Example: Router(config-if)# crypto map static-map Router(config-if)# Step 6 exit Example: Router(config-if)# exit Router(config)# Step 7 ip access-list {standard | extended} access-list-name Example: Router(config)# ip access-list extended vpnstatic1 Router(config-acl)# Step 8 permit protocol source source-wildcard destination destination-wildcard Example: Router(config-acl)# permit gre host 192.168.100.1 host 192.168.101.1 Router(config-acl)# Step 9 exit Example: Router(config-acl)# exit Router(config)# Purpose Assigns a crypto map to the tunnel. Note Dynamic routing or static routes to the tunnel interface must be configured to establish connectivity between the sites. See the Cisco IOS Security Configuration Guide for details. Exits interface configuration mode, and returns to global configuration mode. Enters ACL configuration mode for the named ACL that is used by the crypto map. Specifies that only GRE traffic is permitted on the outbound interface. Returns to global configuration mode. Configuration Example The following configuration example shows a portion of the configuration file for a VPN using a GRE tunnel scenario described in the preceding sections. ! aaa new-model ! aaa authentication login rtr-remote local aaa authorization network rtr-remote local aaa session-id common ! username cisco password 0 cisco ! interface tunnel 1 ip address 10.62.1.193 255.255.255.252 OL-5332-01 Cisco 850 Series and Cisco 870 Series Access Routers Software Configuration Guide 7-9