EasyManuals Logo

Cisco IOS XR User Manual

Cisco IOS XR
254 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Page #145 background imageLoading...
Page #145 background image
Implementing IPSec Network Security on Cisco IOS XR Software
How to Implement IPSec Network Security for VPNs
SC-133
Cisco IOS XR System Security Configuration Guide
Configuring IPSec Virtual Interfaces
These tasks configure IPSec virtual interfaces:
Configuring Static IPSec Virtual Interfaces, page SC-133
Configuring IPSec-Protected GRE Virtual Interfaces, page SC-136
Configuring Static IPSec Virtual Interfaces
This task configures static IPSec service virtual interfaces (SVIs).
SUMMARY STEPS
1. configure
2. interface service-ipsec number
3. profile profile-name
4. tunnel source ip-address
5. tunnel destination ip-address
6. tunnel vrf vrf-name
7. vrf vrf-name
8. ipv4 address ipv4-address mask [secondary]
9. service-location preferred-active location [preferred-standby location [auto-revert]]
10. end
or
commit
11. show route [vrf vrf name]
DETAILED STEPS
Command or Action Purpose
Step 1
configure
Example:
RP/0/0/CPU0:router# configure
Enters global configuration mode.
Step 2
interface service-ipsec
number
Example:
RP/0/0/CPU0:router(config)# interface service-ipsec
2
RP/0/0/CPU0:router(config-if)#
Creates a static IPSec SVI.
You can use the interface service-ipsec command
to enter service-ipsec interface configuration mode.
Step 3
profile
profile-name
Example:
RP/0/0/CPU0:router(config-if)# profile ipsec_profa
Specifies the crypto profile to use for IPSec
processing.
Use the profile-name argument to define the
previous crypto profile to use. The character
range is from 1 to 32 characters.

Table of Contents

Questions and Answers:

Question and Answer IconNeed help?

Do you have a question about the Cisco IOS XR and is the answer not in the manual?

Cisco IOS XR Specifications

General IconGeneral
Operating SystemCisco IOS XR
ArchitectureMicrokernel
High AvailabilityYes
TypeNetwork operating system
Developed byCisco Systems
LicenseProprietary
Programming LanguageC, C++
KernelQNX
Supported PlatformsCisco ASR9000, NCS series
Security FeaturesRole-Based Access Control (RBAC), Secure Boot, Encryption
Management InterfaceCLI, SNMP, NETCONF, RESTCONF
Release Date2004
Target DevicesHigh-end core routers, service provider edge routers, data center interconnect (DCI) routers
Supported HardwareCisco routers and switches
Networking ProtocolsBGP, OSPF, IS-IS, MPLS
Virtualization SupportVirtualization-ready, supports network function virtualization (NFV) and containerization technologies.

Related product manuals