Manualshelf

Technical information

ManualsBrandsCisco ManualsComputer equipmentWS-SVC-IPSEC-1= - IPSec VPN Services Module
12345678910
2
IPSec VPN Acceleration Services Module Installation and Configuration Note
78-14459-03 Rev C0
Contents
Contents
This publication consists of these sections:
Understanding How the VPN Module Works, page 2
Supported Features, page 5
Hardware and Software Requirements, page 7
Front Panel Description, page 9
Installing and Removing the VPN Module, page 10
Configuring a VPN Using the VPN Module, page 21
Configuration Examples, page 58
Regulatory Standards Compliance, page 98
Obtaining Documentation, page 98
Obtaining Technical Assistance, page 100
Understanding How the VPN Module Works
These sections describe the functionality of the VPN module:
Overview, page 2
Catalyst Switch Outside Ports and Inside Ports, page 3
VPN Module Outside Port and Inside Port, page 4
Port VLAN and Interface VLAN, page 4
Overview
The VPN module is a Gigabit Ethernet IPSec cryptographic module that you can install in the
Catalyst 6500 series switches and Cisco 7600 Series Internet Routers. The VPN module provides
bump-in-the-wire (BITW) IPSec implementation using VLANs.
Note BITW is an IPSec implementation that starts egress packet processing after the IP stack has finished with
the packet and completes ingress packet processing before the IP stack receives the packet.
Configuring VPNs using the VPN module is similar to configuring VPNs on routers running Cisco IOS
software. When you configure VPNs with the VPN module, you attach crypto maps to VLANs (using
interface VLANs); when you configure VPNs on routers running Cisco IOS software, you configure
individual interfaces.
Note With the VPN module, crypto maps are still attached to individual interfaces but the set of interfaces
allowed is restricted to “interface VLANs.