Step 4 hq-sanjose(config-crypto-map)# set peer

3-27
Cisco IOS VPN Configuration Guide
OL-8336-01
Chapter 3 Site-to-Site and Extranet VPN Business Scenarios
Step 3—Configuring Encryption and IPSec
hq-sanjose# 
show crypto map
Crypto Map: “s4second” idb: Serial2/0 local address: 172.16.2.2
Crypto Map “s4second” 2 ipsec-isakmp
Peer = 172.23.2.7
Extended IP access list 111
access-list 111 permit ip 
source: addr = 10.2.2.2/255.255.255.0
dest: addr = 10.1.5.3/255.255.255.0S
Current peer: 172.23.2.7
Security-association lifetime: 4608000 kilobytes/3600 seconds
PFS (Y/N): N
Transform sets={proposal4,}
-Display text omitted-
Tip
If you have trouble, make sure you are using the correct IP addresses.
Applying Crypto Maps to Interfaces
You need to apply a crypto map set to each interface through which IPSec traffic will flow. Applying the 
crypto map set to an interface instructs the router to evaluate all the interface traffic against the crypto 
map set, and to use the specified policy during connection or SA negotiation on behalf of traffic to be 
protected by crypto.
To apply a crypto map set to an interface, complete the following steps starting in global configuration 
mode:

Download 2,05 Mb.

Do'stlaringiz bilan baham: