Technical information
35
IPSec VPN Acceleration Services Module Installation and Configuration Note
78-14459-03 Rev C0
Configuring a VPN Using the VPN Module
set transform-set xform2
match address 103
!
!!! "inside" port of VPN-SM in slot 2:
!!! encrypts traffic from VLAN 20, sending encrypted
!!! packets to VLAN 19 via "outside" port Gig2/2
interface GigabitEthernet2/1
no ip address
flowcontrol receive on
switchport
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 1,20,1002-1005
switchport mode trunk
cdp enable
!
!!! "outside" port of VPN-SM in slot 2:
!!! decrypts traffic from VLAN 19, sending decrypted
!!! packets to VLAN 20 via "inside" port Gig2/1
interface GigabitEthernet2/2
no ip address
flowcontrol receive on
switchport
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 1,19,1002-1005
switchport mode trunk
cdp enable
!
!!! "inside" port of VPN-SM in slot 3:
!!! encrypts traffic from VLAN 12, sending encrypted
!!! packets to VLAN 11 via "outside" port Gig3/2
interface GigabitEthernet3/1
no ip address
flowcontrol receive on
switchport
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 1,12,1002-1005
switchport mode trunk
cdp enable
!
!!! "outside" port of VPN-SM in slot 3:
!!! decrypts traffic from VLAN 11, sending decrypted
!!! packets to VLAN 12 via "inside" port Gig3/1
interface GigabitEthernet3/2
no ip address
flowcontrol receive on
switchport
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 1,11,1002-1005
switchport mode trunk
cdp enable
!
!!! "port" VLAN, crypto connected to VLAN 12 by VPN-SM on slot 3
interface Vlan11
no ip address
crypto connect vlan 12
!
!!! "interface" VLAN, assigned to VPN-SM on slot 3
interface Vlan12
ip address 10.8.1.2 255.255.0.0
crypto map cmap2
!
!!! "port" VLAN, crypto connected to VLAN 20 by VPN-SM on slot 2
interface Vlan19
no ip address