Procedure
1. Use the crypto isakmp peer-group command, followed by the name of a peer-
group (a string of up to 110 characters), to enter the context of an ISAKMP peer-
group (and to create the peer-group if it does not exist).
For example:
Gxxx-001# crypto isakmp peer-group NY-VPN-group
Gxxx-001(config-peer-grp:NY-VPN-group)#
2. Use the description command to enter a description for the ISAKMP peer-
group.
For example:
Gxxx-001(config-peer-grp:NY-VPN-group)# description “Avaya peer group”
Done!
3. Add a peer to the list of peers in the group, using the set peer command:
Specify the peer’s name or address.
Note:
You can define up to a maximum of five peers in a peer-group.
Important:
Each of the peers listed in the peer-group must be configured as an ISAKMP peer
(see
Configuring ISAKMP peer information on page 489).
Optionally enter an index number, specifying the relative position of the peer within
the peer-group. If you do not enter an index number, the peer is added at the end
of the peer-group list, and is assigned an index following the last peer’s index.
For example:
Gxxx-001(config-peer-grp:NY-VPN-group)# set peer 149.49.52.135 1
Done!
4. Repeat Step
3 on page 0 for every peer you want to add to the list.
Configuring crypto maps
About this task
A crypto map points to a transform-set and to a peer that in turn points to an ISAKMP policy.
If you defined a peer-group, the crypto map can point to the peer-group. The transform-set and
ISAKMP policy define how to secure the traffic that matches the ip-rule that points to this crypto
map.
Important:
It is mandatory to create at least one crypto map.
IPSec VPN
Administering Avaya G430 Branch Gateway October 2013 493
To Next Page
Loading...
