Support User Manuals

Cisco Systems CL-28826-01 Security Camera User Manual

Open as PDF

of 2616

24-44

User Guide for Cisco Security Manager 4.4

OL-28826-01

Chapter 24 Managing Site-to-Site VPNs: The Basics

Creating or Editing VPN Topologies

Tunnel Source Note Available only for a hub when the selected technology is

IPsec/GRE or DMVPN.

Specifies the tunnel source address to be used by the GRE or DMVPN

tunnel on the spoke side. You can select one of the following options:

• Override Unique Tunnel Source per Tunnel Interface—If you

have enabled the setting to use a unique tunnel source per tunnel

interface in the GRE Modes > Tunnel Parameters tab, this option is

available. Select this option to specify a different tunnel source for

the selected device.

• Outside VLAN/External Port (When CCA/VRF is

Enabled)—When the Use Crypto Connect Alternate check box

is selected, this radio button is available. When selected, specifies

the outside VLAN/external port as the tunnel source.

• Inside VLAN—When selected, uses the interface configured for

the inside VLAN as the tunnel source.

• Interface—To use any interface as the tunnel source address, not

necessarily a VPN interface, enter the interface name or click

Select to select an interface role that identifies the interface. You

can create new roles from the selection list.

Local Peer IPSec

Termination

Define the IPSec termination point of the VPN interface on the local

router:

• Inside VLAN—Use the interface configured as the inside VLAN.

• IP Address—Use the IP address of the VPN interface on the local

router. Enter the IP address.

Note If you select a tunnel source as the VPN interface, it is likely

that the VPN interface has a dynamically assigned IP address.

Enable Failover Blade Whether to configure a failover VPNSM or VPNSPA/VSPA blade for

intra-chassis high availability.

Note A VPNSM and VPNSPA/VSPA blade cannot be used on the

same device as primary and failover blades.

Specify the failover blade, as follows:

• Slot—The slot number that identifies where the VPNSM blade or

VPNSPA/VSPA blade is located.

• Subslot—If you are configuring a VPNSPA/VSPA, select the

number of the subslot (0 or 1) on which the failover VPN SPA

blade is installed.

Note If you are configuring a VPNSM, select the blank option.

Table 24-8 Edit Endpoints Dialog Box, VPN Interface Tab’s VPNSM/VPN SPA/VSPA Settings

Element Description

previous next