Name: Cisco 6000 series
Brand: Cisco
Rating: 4 (1 reviews)

To Next Page

To Previous Page

Before you begin

To use the profile command, you must be in a user group associated with a task group that includes the proper

task IDs for crypto commands. To use the tunnel destination command, you must be in a user group associated

with a task group that includes the proper task IDs for interface commands.

For detailed information about user groups and task IDs, see the Configuring AAA Services module of System

Security Configuration Guide for the Cisco NCS 6000 Series Routers The following tasks are required for

creating Tunnel-IPSec interfaces:

• Setting Global Lifetimes for IPSec Security Associations

• Configuring Checkpointing

• Configuring Crypto Profiles

For detailed information on configuring the prerequisite checkpointing and crypto profiles, and setting the

global lifetimes for IPSec security associations, refer to the Implementing IPSec Network Security module

in System Security Configuration Guide for Cisco NCS 6000 Series Routers .

After configuring crypto profiles, you must apply a crypto profile to each tunnel interface through which

IPSec traffic will flow. Applying the crypto profile set to a tunnel interface instructs the router to evaluate all

the interface's traffic against the crypto profile set and to use the specified policy during connection or security

association negotiation on behalf of traffic to be protected by crypto.

SUMMARY STEPS

1. configure

2. interface tunnel-ipsec identifier

3. profile profile-name

4. tunnel source {ip-address | interface-id }

5. tunnel destination {ip-address | tunnel-id }

6. Do one of the following:

• end

•

• commit

7. show ip route

DETAILED STEPS

PurposeCommand or Action

Enters XR configuration mode.configure

Example:

Step 1

RP/0/RP0/CPU0:router# configure

Identifies the IPSec interface to which the crypto profile

will be attached and enters interface configuration mode.

interface tunnel-ipsec identifier

Example:

Step 2

RP/0/RP0/CPU0:router(config)# interface

tunnel-ipsec 30

Interface and Hardware Component Configuration Guide for Cisco NCS 6000 Series Routers, IOS XR Release 6.4.x

126

Configuring Tunnel Interfaces

Configuring Tunnel-IPSec Interfaces

Other manuals for Cisco 6000 series

Site Planning Guide54 pages

Hardware Installation Guide30 pages

Questions and Answers:

Need help?

Do you have a question about the Cisco 6000 series and is the answer not in the manual?

Cisco 6000 series Specifications

General

Category	Network Router
Model	Cisco 6000 series
Routing Protocols	BGP, OSPF, EIGRP, IS-IS, RIP
Interfaces	Gigabit Ethernet, 10 Gigabit Ethernet
Ports	Varies by model
Power Supply	Redundant power supply options
Dimensions	Varies by model
Weight	Varies by model
Redundancy	Power supplies, fans, route processors
Operating System	Cisco IOS