SECUR Exam Cram™ 2 (Exam 642-501)

Configuring Crypto Maps

The command syntax for creating a crypto map is

Router(config)# crypto map map-name seq-num ipsec-isakmp
Router(config-crypto-map)# match address {100-199 | name}
Router(config-crypto-map)# set peer {ip_address | hostname}
Router(config-crypto-map)# set transform-set name
Router(config-crypto-map)# set security-association lifetime

The ipsec-isakmp keyword tells the router that IKE will be used to automatically establish the IPSec SA. The map-name is simply a name that you make up; it has significance only to the local router.

More important is the seq-num. Sequence numbers determine the priority of the crypto map and can range from 1 to 65,535. The lower the sequence number, 1 being the lowest, the higher the crypto ...

Get SECUR Exam Cram™ 2 (Exam 642-501) now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

SECUR Exam Cram™ 2 (Exam 642-501) by Raman Sud, Ken Edelman

Configuring Crypto Maps

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly