EasyManuals Logo

Cisco IOS XR User Manual

Cisco IOS XR
254 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Page #146 background imageLoading...
Page #146 background image
Implementing IPSec Network Security on Cisco IOS XR Software
How to Implement IPSec Network Security for VPNs
SC-134
Cisco IOS XR System Security Configuration Guide
Step 4
tunnel source {
ip-address
}
Example:
RP/0/0/CPU0:router(config-if)# tunnel source
172.19.72.92
Specifies the source address for a tunnel-ipsec
interface.
Use the ip-address argument to set the IP
address to use as the source address for packets
in the tunnel.
Step 5
tunnel destination
ip-address
Example:
RP/0/0/CPU0:router(config-if)# tunnel destination
172.19.72.120
Identifies the IP address of the tunnel destination.
Use the ip-address argument to set the IP
address of the host destination.
If the IPSec profile is a dynamic, the tunnel
destination should not be configured.
Step 6
tunnel vrf
vrf-name
Example:
RP/0/0/CPU0:router(config-if)# tunnel vrf internet
Associates a VRF instance with the tunnel source or
destination of the interfaces. The tunnel VRF
specifies in which VRF the tunneled traffic is
forwarded (FVRF). Tunnel VRF is not required if
FVRF is the global VRF.
Use the vrf-name argument to assign the name
of a VRF.
Step 7
vrf
vrf-name
Example:
RP/0/0/CPU0:router(config-if)# vrf vpn_a
Assigns a VRF to the interface. VRF is specified to
clear traffic that is forwarded for the internal VRF
(IVRF). In addition, VRF is not required if IVRF is
a global VRF.
Use the vrf-name argument to assign the name
of a VRF.
Step 8
ipv4 address
ipv4-address
mask
[secondary]
Example:
RP/0/0/CPU0:router(config-if)# ipv4 address
192.168.1.27 255.255.255.0
Sets a primary or secondary IPv4 address for an
interface, for example, POS interface.
Use the ipv4-address argument to set the IPv4
address.
Use the mask argument to set the mask for the
associated IP subnet. The network mask is
specified in either of two ways:
The network mask is a four-part dotted
decimal address. For example, 255.0.0.0
indicates that each bit equal to 1 means the
corresponding address bit belongs to the
network address.
The network mask is indicated as a slash (/)
and number. For example, /8 indicates that
the first 8 bits of the mask are ones, and the
corresponding bits of the address are
network address.
(Optional) Use the secondary keyword to
specify that the configured address is a
secondary IPv4 address. If this keyword is
omitted, the configured address is the primary
IPv4 address.
Command or Action Purpose

Table of Contents

Questions and Answers:

Question and Answer IconNeed help?

Do you have a question about the Cisco IOS XR and is the answer not in the manual?

Cisco IOS XR Specifications

General IconGeneral
Operating SystemCisco IOS XR
ArchitectureMicrokernel
High AvailabilityYes
TypeNetwork operating system
Developed byCisco Systems
LicenseProprietary
Programming LanguageC, C++
KernelQNX
Supported PlatformsCisco ASR9000, NCS series
Security FeaturesRole-Based Access Control (RBAC), Secure Boot, Encryption
Management InterfaceCLI, SNMP, NETCONF, RESTCONF
Release Date2004
Target DevicesHigh-end core routers, service provider edge routers, data center interconnect (DCI) routers
Supported HardwareCisco routers and switches
Networking ProtocolsBGP, OSPF, IS-IS, MPLS
Virtualization SupportVirtualization-ready, supports network function virtualization (NFV) and containerization technologies.

Related product manuals