EasyManua.ls Logo

Cisco IOS XR

Cisco IOS XR
254 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Loading...
Implementing IPSec Network Security on Cisco IOS XR Software
Configuration Examples for Implementing IPSec Network Security for Locally Sourced Traffic and Destined Traffic
SC-140
Cisco IOS XR System Security Configuration Guide
Configuration Examples for Implementing IPSec Network
Security for Locally Sourced Traffic and Destined Traffic
This section provides the following configuration examples:
Configuring a Static Profile and Attaching to a Tunnel-ipsec Interface: Example, page SC-140
Configuring a Dynamic Profile and Attaching to a Tunnel-ipsec Interface: Example, page SC-141
Configuring a Static Profile and Attaching to Transport: Example, page SC-142
Configuring a Static Profile and Attaching to a Tunnel-ipsec Interface: Example
The following example shows a minimal IPSec configuration where a static crypto profile is created and
attached to a tunnel-ipsec interface.
An IPSec access list named sample1 defines which traffic to protect:
ipv4 access-list sample1 permit ip 10.0.0.0 0.0.0.255 10.2.2.0 0.0.0.255
Step 3
crypto ipsec pmtu
pmtu
Example:
RP/0/0/CPU0:router(config-if)# crypto ipsec pmtu
1500
Specifies the default path MTU for the SAs that are
created under the interface.
Use the pmtu argument to specify the value of
MTU in bytes. The range is from 68 to 9216.
Step 4
end
or
commit
Example:
RP/0/0/CPU0:router(config-if)# end
or
RP/0/0/CPU0:router(config-if)# commit
Saves configuration changes.
When you issue the end command, the system
prompts you to commit changes:
Uncommitted changes found, commit them
before exiting(yes/no/cancel)?
[cancel]:
Entering yes saves configuration changes to
the running configuration file, exits the
configuration session, and returns the
router to EXEC mode.
Entering no exits the configuration session
and returns the router to EXEC mode
without committing the configuration
changes.
Entering cancel leaves the router in the
current configuration session without
exiting or committing the configuration
changes.
Use the commit command to save the
configuration changes to the running
configuration file and remain within the
configuration session.
Command or Action Purpose

Table of Contents

Related product manuals