Support User Manuals

Cisco Systems CL-28826-01 Security Camera User Manual

Open as PDF

of 2616

32-4

User Guide for Cisco Security Manager 4.4

OL-28826-01

Chapter 32 Managing Remote Access VPNs on IOS and PIX 6.3 Devices

Configuring an IPsec Proposal on a Remote Access VPN Server (IOS, PIX 6.3 Devices)

IPsec Proposal Editor (IOS, PIX 6.3 Devices)

Use the IPsec Proposal Editor to create or edit an IPsec proposal for an IOS or PIX 6.3 device, including

Catalyst 6500/7600, in your remote access VPN. The editor has two tabs—General and Dynamic

VTI/VRF Aware IPsec. This topic explains the basic settings on the General tab. For an explanation of

Dynamic VTI/VRF Aware IPsec settings, see Configuring Dynamic VTI/VRF Aware IPsec in Remote

Access VPNs (IOS Devices), page 32-7.

The elements in this dialog box differ according to the selected device. The table below describes the

elements on the General tab in the IPsec Proposal Editor dialog box when a Cisco IOS router, Catalyst

6500/7600, or PIX 6.3 device is selected.

Note For a description of the elements in the dialog box when a PIX 7.0+ or ASA device is selected is selected,

see IPsec Proposal Editor (ASA, PIX 7.0+ Devices), page 30-33.

Navigation Path

• (Device view) Select Remote Access VPN > IPSec VPN > IPsec Proposal (IOS/PIX 6.x) from the

Policy selector. Click the Add Row (+) or Edit Row (pencil) buttons.

• (Policy view) Select Remote Access VPN > IPSec VPN > IPsec Proposal (IOS/PIX 6.x) from the

Policy Type selector. Select an existing policy or create a new one. Click the Add Row (+) or Edit

Row (pencil) buttons.

Related Topics

• Configuring an IPsec Proposal on a Remote Access VPN Server (IOS, PIX 6.3 Devices), page 32-3

• Understanding IPsec Proposals, page 25-17

• Creating Interface Role Objects, page 6-68

• Creating AAA Server Group Objects, page 6-45

Field Reference

Table 32-1 IPsec Proposal Editor, General Tab, IOS and PIX 6.3 Devices

Element Description

External Interface

Note Available only if the selected device is an IOS router.

The external interface through which remote access clients will connect

to the server. Enter the name of the interface or interface role object, or

click Select to select it or to create a new object.

Inside VLAN

Note Available only if the selected device is a Catalyst 6500/7600.

The inside VLAN that serves as the inside interface to the VPN

Services Module (VPNSM), VPN SPA, or VSPA. Click Select to

configure the inside VLAN as explained in VPNSM/VPN SPA/VSPA

Settings Dialog Box, page 32-6.

previous next