Technical information
93
IPSec VPN Acceleration Services Module Installation and Configuration Note
78-14459-03 Rev C0
Configuration Examples
crypto isakmp policy 1
encr 3des
authentication pre-share
crypto isakmp key NEEWOMM address 0.0.0.0 0.0.0.0
!
crypto ipsec security-association lifetime seconds 86400
!
crypto ipsec transform-set TS1 esp-3des esp-sha-hmac
!
crypto map ha 10 ipsec-isakmp
set peer 172.16.31.100
set transform-set TS1
match address 101
!
spanning-tree extend system-id
!
!
!
interface Loopback1
ip address 10.11.1.1 255.255.255.0
!
interface GigabitEthernet1/1
no ip address
shutdown
!
interface GigabitEthernet1/2
ip address 172.16.31.3 255.255.0.0
crypto map ha
!
interface GigabitEthernet3/1
mtu 4500
no ip address
snmp trap link-status
switchport
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 1,1002-1005
switchport mode trunk
flowcontrol receive on
cdp enable
!
interface GigabitEthernet3/2
mtu 4500
no ip address
snmp trap link-status
switchport
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 1,1002-1005
switchport mode trunk
flowcontrol receive on
cdp enable
!
interface Vlan1
no ip address
shutdown
!
ip classless
ip route 40.0.0.3 255.255.255.255 172.16.31.100
no ip http server
ip pim bidir-enable
!
access-list 101 permit ip host 10.11.1.1 host 40.0.0.3
arp 127.0.0.12 0000.2100.0000 ARPA
!
!