Implementing IPSec Network Security on Cisco IOS XR Software
Cisco IOS XR System Security Configuration Guide
Configuration Examples for Implementing IPSec Network Security for Locally Sourced Traffic and Destined Traffic
This section provides the following configuration examples:
• Configuring a Static Profile and Attaching to a Tunnel-ipsec Interface: Example, page SC-140
• Configuring a Dynamic Profile and Attaching to a Tunnel-ipsec Interface: Example, page SC-141
• Configuring a Static Profile and Attaching to Transport: Example, page SC-142
Configuring a Static Profile and Attaching to a Tunnel-ipsec Interface: Example
The following example shows a minimal IPSec configuration where a static crypto profile is created and
attached to a tunnel-ipsec interface.
An IPSec access list named sample1 defines which traffic to protect:
ipv4 access-list sample1 permit ip 10.0.0.0 0.0.0.255 10.2.2.0 0.0.0.255
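As an added illustration (not part of the Cisco guide), the following Python sketch evaluates the sample1 entry with wildcard-mask matching, so you can check which source/destination pairs fall inside the protected selector. The function names and the test addresses are assumptions made for this example, and it handles only the single-line `ip` entry form shown above.

```python
import ipaddress

# The access-list entry from the example above, copied verbatim.
ACL_LINE = "ipv4 access-list sample1 permit ip 10.0.0.0 0.0.0.255 10.2.2.0 0.0.0.255"


def _to_int(addr):
    """Convert a dotted-quad string to a 32-bit integer (raises on bad input)."""
    return int(ipaddress.IPv4Address(addr))


def parse_entry(line):
    """Parse 'ipv4 access-list NAME ACTION ip SRC SRC_WILD DST DST_WILD'."""
    tok = line.split()
    if len(tok) != 9 or tok[:2] != ["ipv4", "access-list"] or tok[4] != "ip":
        raise ValueError("unsupported access-list entry: " + line)
    if tok[3] not in ("permit", "deny"):
        raise ValueError("unknown action: " + tok[3])
    return {
        "name": tok[2],
        "action": tok[3],
        "src": (_to_int(tok[5]), _to_int(tok[6])),
        "dst": (_to_int(tok[7]), _to_int(tok[8])),
    }


def _wild_match(addr, base, wildcard):
    # Wildcard bits set to 1 are "don't care"; every other bit must equal the base.
    care = ~wildcard & 0xFFFFFFFF
    return (_to_int(addr) & care) == (base & care)


def is_protected(entry, src, dst):
    """True when src -> dst hits a permit entry, i.e. is selected for IPSec."""
    hit = _wild_match(src, *entry["src"]) and _wild_match(dst, *entry["dst"])
    return hit and entry["action"] == "permit"


if __name__ == "__main__":
    entry = parse_entry(ACL_LINE)
    # Constructed test flows (not from the guide).
    flows = [
        ("10.0.0.5", "10.2.2.9"),   # inside both ranges
        ("10.2.2.9", "10.0.0.5"),   # reversed addresses: no match for the entry as written
        ("10.0.1.5", "10.2.2.9"),   # source outside 10.0.0.0 0.0.0.255
    ]
    for src, dst in flows:
        print(src, "->", dst, "protected" if is_protected(entry, src, dst) else "not protected")
```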
Step 3
Command or Action:
  crypto ipsec pmtu pmtu
  Example:
  RP/0/0/CPU0:router(config-if)# crypto ipsec pmtu 1500
Purpose:
  Specifies the default path MTU for the SAs that are created under the interface.
  • Use the pmtu argument to specify the value of MTU in bytes. The range is from 68 to 9216.

Step 4
Command or Action:
  end
  or
  commit
  Example:
  RP/0/0/CPU0:router(config-if)# end
  or
  RP/0/0/CPU0:router(config-if)# commit
Purpose:
  Saves configuration changes.
  • When you issue the end command, the system prompts you to commit changes:
    Uncommitted changes found, commit them before exiting(yes/no/cancel)?
    [cancel]:
    – Entering yes saves configuration changes to the running configuration file, exits the configuration session, and returns the router to EXEC mode.
    – Entering no exits the configuration session and returns the router to EXEC mode without committing the configuration changes.
    – Entering cancel leaves the router in the current configuration session without exiting or committing the configuration changes.
  • Use the commit command to save the configuration changes to the running configuration file and remain within the configuration session.