EasyManuals Logo

Cisco IOS XR User Manual

Cisco IOS XR
254 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Page #66 background imageLoading...
Page #66 background image
Implementing Internet Key Exchange Security Protocol on Cisco IOS XR Software
How to Implement IKE Security Protocol Configurations for IPSec Networks
SC-54
Cisco IOS XR System Security Configuration Guide
Configuring Crypto Keyrings
A crypto keyring is a repository of preshared and Rivest, Shamir, and Adelman (RSA) public keys. The
router can have zero or more keyrings. Each keyring optionally allows the specification of a VRF in
which the keys defined in the keyring belong.
This task configures crypto keyrings.
Crypto Keyrings Configuration Guidelines and Restrictions
Follow these guidelines and restrictions when configuring crypto keyrings:
• The VRF associated with a crypto keyring cannot be changed. A different keyring must be
configured with the new VRF value.
• Address overlapping in a keyring is not allowed and must be enforced during configuration.
• A crypto keyring is attached to one or more ISAKMP profiles and cannot be deleted while in use.
SUMMARY STEPS
1. configure
2. crypto keyring keyring-name [vrf fvrf-name]
3. description string
4. local-address ip-address
5. pre-shared-key {address address [mask] | hostname hostname} key key
6. rsa-pubkey {address address | name fqdn} [encryption | signature]
7. key-string key-string
8. quit
9. end
or
commit

Table of Contents

Questions and Answers:

Question and Answer IconNeed help?

Do you have a question about the Cisco IOS XR and is the answer not in the manual?

Cisco IOS XR Specifications

General IconGeneral
Operating SystemCisco IOS XR
ArchitectureMicrokernel
High AvailabilityYes
TypeNetwork operating system
Developed byCisco Systems
LicenseProprietary
Programming LanguageC, C++
KernelQNX
Supported PlatformsCisco ASR9000, NCS series
Security FeaturesRole-Based Access Control (RBAC), Secure Boot, Encryption
Management InterfaceCLI, SNMP, NETCONF, RESTCONF
Release Date2004
Target DevicesHigh-end core routers, service provider edge routers, data center interconnect (DCI) routers
Supported HardwareCisco routers and switches
Networking ProtocolsBGP, OSPF, IS-IS, MPLS
Virtualization SupportVirtualization-ready, supports network function virtualization (NFV) and containerization technologies.

Related product manuals