lunedì 25 aprile 2011

dynamic crypto maps

dynamic crypto maps are used when remote peers are unknown

on SPOKES you use the crypto map
on HUBS you use the dynamic crypto which is then referenced by the crypto map

HUB
crypto isakmp policy 1
authentication pre-share
crypto isakmp key cisco address 0.0.0.0 0.0.0.0
!
!
crypto ipsec transform-set des esp-des esp-md5-hmac
!
crypto dynamic-map 1 1
set transform-set des
!
!
crypto map 1 1 ipsec-isakmp dynamic 1

SPOKES
crypto isakmp policy 1
authentication pre-share
crypto isakmp key cisco address 0.0.0.0 0.0.0.0
!
!
crypto ipsec transform-set des esp-des esp-md5-hmac
!
crypto map 1 1 ipsec-isakmp
set peer 1.1.1.1
set transform-set des
match address 101
Pubblicato da alle
Etichette: , , , , ,

Nessun commento:

Posta un commento

Iscriviti a: Commenti sul post (Atom)