Implementing Internet Key Exchange Security Protocol on Cisco IOS XR Software
How to Implement IKE for Locally Sourced and Destined Traffic
SC-58
Cisco IOS XR System Security Configuration Guide
Clearing a Crypto Session
Use the clear crypto session command in EXEC mode to delete the crypto sessions (IP Security [IPSec]
and Internet Key Exchange [IKE] security associations [SAs]) for users and groups.
How to Implement IKE for Locally Sourced and Destined Traffic
This section contains the following procedure:
• Configuring the ISAKMP Profile for Locally Sourced and Destined Traffic, page SC-58
Configuring the ISAKMP Profile for Locally Sourced and Destined Traffic
An ISAKMP profile is a repository of commands for a set of peers.
This task configures the ISAKMP profile for locally sourced and destined traffic.
Step 4
end
or
commit
Example:
RP/0/RP0/CPU0:router(config-isakmp-peer)# end
or
RP/0/RP0/CPU0:router(config-isakmp-peer)# commit
Saves configuration changes.
• When you issue the end command, the system
prompts you to commit changes:
Uncommitted changes found, commit them
before exiting(yes/no/cancel)?
[cancel]:
–
Entering yes saves configuration changes to
the running configuration file, exits the
configuration session, and returns the
router to EXEC mode.
–
Entering no exits the configuration session
and returns the router to EXEC mode
without committing the configuration
changes.
–
Entering cancel leaves the router in the
current configuration session without
exiting or committing the configuration
changes.
• Use the commit command to save the
configuration changes to the running
configuration file and remain within the
configuration session.
Step 5
show crypto isakmp peers [
ip-address
| vrf
vrf-name
]
Example:
RP/0/RP0/CPU0:router# show crypto isakmp peers
Displays peer descriptions.
Command or Action Purpose
To Next Page
Loading...
