User`s guide

Chapter 13 IP Security

IPSec Policies

13-34

Cisco Router and Security Device Manager Version 2.2 User’s Guide

OL-4015-08

Add or Edit Crypto Map: IPSec Rules Panel

Use this screen to add or change the IPSec rule used in this crypto map. IPSec

rules contain access rule entries that determine the traffic to be encrypted. The

IPSec rule field shows the name of the IPSec rule in use.

Note If you are adding an IPSec rule for a VPN connection that uses a tunnel interface,

the rule must specify the same source and destination data as the tunnel

configuration.

To add or change the IPSec rule for this crypto map:

Step 1 Click the button to the right of the IPSec Rule field.

Step 2 Click Select an existing rule (ACL) if the rule you want to use has already been

created, select the rule, and click OK.

Note IPSec rules must be extended rules, not standard rules. If the number or name you

enter identifies a standard rule, SDM will display a warning message when you

click OK.

Step 3 Click Create a new rule and select if the rule you need has not been created.

Create the rule, and click OK.

Step 4 Click OK if you want to close the crypto map window, or click another tab if you

want to work in another panel.

Change the preference order of the

selected transform sets.

Select a transform set, and click the up button or the down

button.

Add a transform set to the Available

Transform Sets list.

Click Add, and configure the transform set in the Add

Transform Set window.

Edit a transform set in the Available

Transform Sets list.

Click Edit, and configure the transform set in the Edit

Transform Set window.

If you want to: Do this: