7-17
User Guide for Cisco Security Manager 4.4
OL-28826-01
Chapter 7 Managing FlexConfigs
Understanding FlexConfig Policies and Policy Objects
SYS_VPN_VRF_PROCESS_N
UMBER
1 Interior gateway protocol (IGP) process numbers.
SYS_VPN_VRF_RD 1 RD values.
SYS_VPN_VRF_ROUTING_P
ROTOCOL
1 Interior gateway protocol (IGP) values. IGP is used
for routing the IPSec aggregator toward the Provider
Edge (PE)/Multiprotocol Label Switching (MPLS)
network.
Possible values are STATIC, OSPF, EIGRP, RIPV2,
and BGP.
SYS_VPN_VRF_SOLUTION 1 Virtual routing and forwarding (VRF) solution.
Possible values are 1BOX and 2BOX.
CA
Variables related to certificate authority policies. For more information, see Configuring IKEv1 Public
Key Infrastructure Policies in Site-to-Site VPNs, page 25-50.
SYS_VPN_CA_NAME 2 Certificate authority (CA) names.
Configure PKI policies to generate values for this
variable.
EZVPN
Variables related to EZVPN. For more information, see Understanding Easy VPN, page 27-1.
SYS_VPN_EZVPN_GROUP_N
AME
2 User group names.
Configure User Group policies to generate values for
this variable.
Dial Backup
Variables related to dial backup configurations. For more information, see Configuring Dial Backup,
page 24-39.
SYS_VPN_RTR_WATCH 1 The rtr/watch number.
Configure dial backup to generate values for this
variable.
GETVPN
Variables related to Group Encrypted Transport (GET) VPN. For more information, see Understanding
Group Encrypted Transport (GET) VPNs, page 28-2.
SYS_GDOI_GROUP_NAME 1 Name of the Group Domain of Interpretation (GDOI)
group.
Configure the Group Encryption policy to generate
values for this variable (Manage > Site-to-Site VPNs
> Group Encryption Policy > Group Settings).
Table 7-4 VPN System Variables (Continued)
Name Dimension Description