6-8
Cisco Secure Router 520 Series Software Configuration Guide
OL-14210-01
Chapter 6 Configuring a VPN Using Easy VPN and an IPsec Tunnel
Apply the Crypto Map to the Physical Interface
Apply the Crypto Map to the Physical Interface
The crypto maps must be applied to each interface through which IP Security (IPsec) traffic flows.
Applying the crypto map to the physical interface instructs the router to evaluate all the traffic against
the security associations database. With the default configurations, the router provides secure
connectivity by encrypting the traffic sent between remote sites. However, the public interface still
allows the rest of the traffic to pass and provides connectivity to the Internet.
Perform these steps to apply a crypto map to an interface, beginning in global configuration mode:
Step 3
reverse-route
Example:
Router(config-crypto-map)# reverse-route
Router(config-crypto-map)#
Creates source proxy information for the crypto
map entry.
See the Cisco IOS Security Command Reference
for details.
Step 4
exit
Example:
Router(config-crypto-map)# exit
Router(config)#
Returns to global configuration mode.
Step 5
crypto map map-name seq-num [ipsec-isakmp]
[dynamic dynamic-map-name] [discover]
[profile profile-name]
Example:
Router(config)# crypto map static-map 1
ipsec-isakmp dynamic dynmap
Router(config)#
Creates a crypto map profile.
Command or Action Purpose
Command or Action Purpose
Step 1
interface type number
Example:
Router(config)# interface fastethernet 4
Router(config-if)#
Enters the interface configuration mode for the
interface to which you want the crypto map
applied.