Command Reference Guide
SROS Command Line Interface Reference Guide Global Configuration Mode Command Set
5991-2114 © Copyright 2005 Hewlett-Packard Development Company, L.P. 232
crypto map
Use the crypto map command to define crypto map names and numbers and to enter the associated (either
Crypto Map IKE or Crypto Map Manual).
Variations of this command include the following:
crypto map <mapname> <mapindex> ipsec-ike
crypto map <mapname> <mapindex> ipsec-manual
Syntax Description
<mapname> Name the crypto map. You can assign the same name to multiple crypto maps, as
long as the map index numbers are unique.
<mapindex> Assign a crypto map sequence number.
ipsec-ike Enter the Crypto Map IKE (see
Crypto Map IKE Command Set on page 396). This
supports IPSec entries that will use IKE to negotiate keys.
ipsec-manual Enter the Crypto Map Manual (see
Crypto Map IKE Command Set on page 396).
This supports manually configured IPSec entries.
Default Values
There are no default settings for this command.
Command Modes
(config)# Global Configuration Mode
Functional Notes
Crypto map entries do not directly contain the transform configuration for securing data. Instead, the crypto
map is associated with transform sets which contain specific security algorithms (see
crypto ipsec
transform-set <setname> <parameters>
on page 230).
Crypto map entries do not directly contain the selectors used to determine which data to secure. Instead,
the crypto map entry refers to an access control list. An access control list is assigned to the crypto map
using the match address command (see
ike-policy <policy number> on page 398).
If no transform-set or access-list is configured for a crypto map, the entry is incomplete and will have no
effect on the system.
Note
For VPN configuration example scripts, refer to the technical support note VPN
Configuration Guide located on the ProCurve SROS Documentation CD provided with
your unit.