Implementing Internet Key Exchange Security Protocol on Cisco IOS XR Software
How to Configure a Dead Peer Detection Message
SC-142
Cisco IOS XR System Security Configuration Guide for the Cisco CRS-1 Router
OL-20382-01
How to Configure a Dead Peer Detection Message
This task configures a keepalivedead peer detection (DPD) message.
SUMMARY STEPS
1. configure
2. crypto isakmp keepalive seconds retry-seconds [periodic | on-demand]
3. end
or
commit
Step 9
set ipsec-profile profile-name
Example:
RP/0/RP0/CPU0:router(config-isa-prof-match)# set
ipsec-profile myprofile
(Optional) Predefines the IPSec profile instance
when IKE negotiates for IPSec service associations
(SAs) for the traffic that is locally sourced or
terminated and the local endpoint is the IKE
responder.
• Use the profile-name argument to set the name
of the IPSec profile.
•
Note Only available if you selected the local
keyword earlier in this procedure.
Step 10
end
or
commit
Example:
RP/0/RP0/CPU0:router(config-isa-prof-match)# end
or
RP/0/RP0/CPU0:router(config-isa-prof-match)# commit
Saves configuration changes.
• When you issue the end command, the system
prompts you to commit changes:
Uncommitted changes found, commit them
before exiting (yes/no/cancel)?
[cancel]:
–
Entering yes saves configuration changes to
the running configuration file, exits the
configuration session, and returns the
router to EXEC mode.
–
Entering no exits the configuration session
and returns the router to EXEC mode
without committing the configuration
changes.
–
Entering cancel leaves the router in the
current configuration session without
exiting or committing the configuration
changes.
• Use the commit command to save the
configuration changes to the running
configuration file and remain within the
configuration session.
Command or Action Purpose
To Next Page
Loading...
Need help?
General
