IP Security - Virtual Private Network
Left running head:
Chapter name (automatic)
768
Beta Beta
OmniAccess 5740 Unified Services Gateway CLI Command Reference Guide
Alcatel-Lucent
CRYPTO MAP
crypto map <name> ipsec-ike <ike-policy name>} [force]
DESCRIPTION
This command is entered in the Configuration Mode. This command creates a
crypto map, and attaches an IKE policy to it.
• Which traffic should be protected by IPsec. (as defined by match-list earlier).
• Where the IPsec-protected traffic should be sent (remote ipsec peer).
• What kind of IPsec security to be applied to this traffic (as configured by the
transform-set).
• Security associations are established via IKE.
• The crypto map name can have a maximum of 32 characters.
PARAMETERS
EXAMPLE
ALU(config)# crypto map exampleMap ipsec-ike examplePolicy
CRYPTO MAP <MAP-NAME>
crypto map <map-name>
DESCRIPTION
Crypto map needs to be applied to an interface through which the IPsec traffic
flows. Binding a crypto map to an interface instructs the system to evaluate all the
interface traffic against the crypto map, and to use the specified policy during
connection or security association negotiation.
This command is entered in the Interface Configuration Mode. This command is
used to attach a crypto map to an interface.
PARAMETERS
EXAMPLE
ALU(config)# interface GigabitEthernet3/0
ALU(config-if GigabitEthernet3/0)# crypto map exampleMap
Parameter Description
name Name of the crypto map.
ike-policy name Name of the IKE policy.
Parameter Description
map-name Name of the crypto map.