Name: Cisco 2911
Brand: Cisco
Rating: 5 (1 reviews)

To Next Page

To Previous Page

141

Cisco 3900 Series, Cisco 2900 Series, and Cisco 1900 Series Integrated Services Routers Generation 2 Software Configuration Guide

Chapter Configuring Security Features

Configuring VPN

Configure the IPSec Crypto Method and Parameters

A dynamic crypto map policy processes negotiation requests for new security associations from remote

IPSec peers, even if the router does not know all the crypto map parameters (for example, IP address).

To configure the IPSec crypto method, follow these steps, beginning in global configuration mode.

SUMMARY STEPS

1. crypto dynamic-map dynamic-map-name dynamic-seq-num

2. set transform-set transform-set-name [transform-set-name2...transform-set-name6]

3. reverse-route

4. exit

5. crypto map map-name seq-num [ipsec-isakmp] [dynamic dynamic-map-name] [discover]

[profile profile-name]

DETAILED STEPS

Command or Action Purpose

Step 1

crypto dynamic-map dynamic-map-name

dynamic-seq-num

Example:

Router(config)# crypto dynamic-map dynmap 1

Router(config-crypto-map)#

Creates a dynamic crypto map entry and enters

crypto map configuration mode.

See Cisco IOS Security Command Reference for

more detail about this command.

Step 2

set transform-set transform-set-name

[transform-set-name2...transform-set-name6]

Example:

Router(config-crypto-map)# set

transform-set vpn1

Router(config-crypto-map)#

Specifies which transform sets can be used with

the crypto map entry.

Step 3

reverse-route

Example:

Router(config-crypto-map)# reverse-route

Router(config-crypto-map)#

Creates source proxy information for the crypto

map entry.

See Cisco IOS Security Command Reference for

details.

Other manuals for Cisco 2911

Manual10 pages

Questions and Answers:

Need help?

Do you have a question about the Cisco 2911 and is the answer not in the manual?

Cisco 2911 Specifications

General

Ethernet LAN	Yes
Cabling technology	10/100/1000Base-T(X)
Networking standards	IEEE 802.1Q, IEEE 802.1ag, IEEE 802.3, IEEE 802.3ab, IEEE 802.3af, IEEE 802.3ah, IEEE 802.3u
Ethernet LAN data rates	10, 100, 1000 Mbit/s
Ethernet interface type	Gigabit Ethernet
DHCP client	-
Routing protocols	BGP, EIGRP, OSPF
Supported protocols	IPv4, IPv6, IS-IS, IGMPv3, PIM SM, SSM, DVMRP, IPSec, GRE, BVD, MPLS, L2TPv3, PPP, MLPPP, MLFR, HDLC, RS-232, RS-449, X.21, V.35, EIA-530, PPPoE, ATM
USB version	2.0
RS-232 ports	1
Expansion slots	4 x EHWIC 2 x DSP 1 x ISM
USB ports quantity	2
Ethernet LAN (RJ-45) ports	3
Firewall security	Cisco IOS
Input current	2.2 A
AC input voltage	100 - 240 V
Power source type	AC
AC input frequency	47 - 63 Hz
Power consumption (typical)	50 W
Product color	Black
Rack capacity	2U
Operating altitude	0 - 4000 m
Non-operating altitude	0 - 4570 m
Storage temperature (T-T)	-40 - 80 °C
Operating temperature (T-T)	0 - 40 °C
Storage relative humidity (H-H)	5 - 95 %
Operating relative humidity (H-H)	5 - 85 %
Safety	UL 60950-1, CAN/CSA C22.2 No. 60950-1, EN 60950-1, AS/NZS 60950-1, IEC 60950-1
Electromagnetic compatibility	47 CFR, ICES-003, EN55022, CISPR22, AS/NZS 3548, VCCI V-3, EN 300-386, EN 61000, EN 55024, CISPR 24EN50082-1