Support User Manuals

Cisco Systems CL-28826-01 Security Camera User Manual

Open as PDF

of 2616

24-61

User Guide for Cisco Security Manager 4.4

OL-28826-01

Chapter 24 Managing Site-to-Site VPNs: The Basics

Creating or Editing VPN Topologies

Transform Sets The IPsec IKEv1 transform sets that specify the authentication and

encryption algorithms that will be used to secure the traffic in the VPN

tunnel. See Configuring IPsec Proposals in Site-to-Site VPNs,

page 25-21.

Note IPsec IKEv2 transform sets are not displayed in the summary.

Preshared Key Unavailable if the selected technology is Easy VPN.

Specifies whether the shared key to use in the IKEv1 preshared key

policy is user defined or auto-generated. See Configuring IKEv1

Preshared Key Policies, page 25-44.

Note IKEv2 preshared key settings are not displayed in the summary.

Public Key Infrastructure If an IKEv1 Public Key Infrastructure policy is configured in the VPN

topology, specifies the certificate authority (CA) server. See

Configuring IKEv1 Public Key Infrastructure Policies in Site-to-Site

VPNs, page 25-50.

Note IKEv2 PKI configurations are not displayed in the summary.

Routing Protocol Available only if the selected technology is IPsec/GRE, GRE Dynamic

IP, or DMVPN.

The routing protocol and autonomous system (or process ID) number

used in the secured IGP for configuring a GRE, GRE Dynamic IP, or

DMVPN routing policy.

Note Security Manager adds a routing protocol to all the devices in

the secured IGP on deployment. If you want to maintain this

secured IGP, you must create a router platform policy using this

routing protocol and autonomous system (or process ID)

number.

See Understanding the GRE Modes Page, page 26-1.

Tunnel Subnet IP Available only if the selected technology is IPsec/GRE, GRE Dynamic

IP, or DMVPN.

If a tunnel subnet is defined, displays the inside tunnel interface IP

address, including the unique subnet mask.

See Understanding the GRE Modes Page, page 26-1.

User Group Available for an Easy VPN topology.

If a User Group policy is configured on a device in the Easy VPN

topology, displays the details of the policy. See Configuring a User

Group Policy for Easy VPN, page 27-14.

PIX7.0/ASA Tunnel Group Available for an Easy VPN topology.

If a Connection Profile policy is configured on a PIX Firewall version

7.0+ or ASA appliance in the Easy VPN topology, displays the details

of the policy. See Connection Profiles Page, page 30-8.

Table 24-14 VPN Summary Page (Continued)

Element Description

previous next