EasyManuals Logo

Cisco IOS XR User Manual

Cisco IOS XR
254 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Page #71 background imageLoading...
Page #71 background image
Implementing Internet Key Exchange Security Protocol on Cisco IOS XR Software
How to Implement IKE for Locally Sourced and Destined Traffic
SC-59
Cisco IOS XR System Security Configuration Guide
SUMMARY STEPS
1. configure
2. crypto isakmp profile [local] profile-name
3. description string
4. keepalive disable
5. self-identity {address | fqdn | user-fqdn user-fqdn}
6. keyring keyring-name
7. match identity {group group-name | address address [mask] vrf [fvrf] | host hostname | host
domain domain-name | user username | user domain domain-name}
8. set interface tunnel-ipsec intf-index
9. set ipsec-profile profile-name
10. end
or
commit
DETAILED STEPS
Command or Action Purpose
Step 1
configure
Example:
RP/0/RP0/CPU0:router# configure
Enters global configuration mode.
Step 2
crypto isakmp profile [local]
profile-name
Example:
RP/0/RP0/CPU0:router(config)# crypto isakmp profile
local vpnprofile
RP/0/RP0/CPU0:router(config-isa-prof)#
Defines an ISAKMP profile and audits IPSec user
sessions.
(Optional) Use the local keyword to specify that
the profile is used for locally sourced or
terminated traffic.
Note The local keyword is specific only to the
Cisco IPSec VPN SPA.
Use the profile-name argument to specify the
name of the user profile.
Step 3
description
string
Example:
RP/0/RP0/CPU0:router(config-isa-prof)# description
this is a sample profile
Creates a description for a keyring.
Use the string argument to specify the character
string that describes the keyring.
Step 4
keepalive disable
Example:
RP/0/RP0/CPU0:router(config-isa-prof)# keepalive
disable
Lets the gateway send DPD messages to the
Cisco IOS XR peer.
Use the disable keyword to disable the
keepalive global declarations.

Table of Contents

Questions and Answers:

Question and Answer IconNeed help?

Do you have a question about the Cisco IOS XR and is the answer not in the manual?

Cisco IOS XR Specifications

General IconGeneral
Operating SystemCisco IOS XR
ArchitectureMicrokernel
High AvailabilityYes
TypeNetwork operating system
Developed byCisco Systems
LicenseProprietary
Programming LanguageC, C++
KernelQNX
Supported PlatformsCisco ASR9000, NCS series
Security FeaturesRole-Based Access Control (RBAC), Secure Boot, Encryption
Management InterfaceCLI, SNMP, NETCONF, RESTCONF
Release Date2004
Target DevicesHigh-end core routers, service provider edge routers, data center interconnect (DCI) routers
Supported HardwareCisco routers and switches
Networking ProtocolsBGP, OSPF, IS-IS, MPLS
Virtualization SupportVirtualization-ready, supports network function virtualization (NFV) and containerization technologies.

Related product manuals