Technical information
89
IPSec VPN Acceleration Services Module Installation and Configuration Note
78-14459-03 Rev C0
Configuration Examples
!
boot system flash sup-bootflash:
!
redundancy
main-cpu
auto-sync standard
ip subnet-zero
!
!
no ip domain-lookup
!
!
no mls ip multicast aggregate
no mls ip multicast non-rpf cef
!
crypto isakmp policy 1
encr 3des
authentication pre-share
crypto isakmp key NEEWOMM address 0.0.0.0 0.0.0.0
!
!
crypto ipsec security-association lifetime seconds 86400
!
crypto ipsec transform-set TS1 esp-3des esp-sha-hmac
!
crypto map ha ha replay-interval inbound 10 outbound 1000
crypto map ha 10 ipsec-isakmp
set peer 172.16.31.3
set transform-set TS1
match address 101
!
!
spanning-tree extend system-id
no spanning-tree vlan 4
!
!
!
interface GigabitEthernet1/1
no ip address
no ip redirects
crypto connect vlan 4
!
interface GigabitEthernet1/2
ip address 40.0.0.1 255.255.255.0
no ip redirects
standby delay minimum 35 reload 60
standby ip 40.0.0.100
standby timers 1 3
standby preempt
standby track GigabitEthernet1/1
!
interface GigabitEthernet3/1
mtu 4500
no ip address
snmp trap link-status
switchport
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 1,4,1002-1005
switchport mode trunk
flowcontrol receive on
cdp enable
!
interface GigabitEthernet3/2
mtu 4500