ADTRAN Stub Routing Dokumentacja Pobierz pdf (Strona 284)

100

101

Crypto Map Manual Command Set Command Reference Guide

match address <listname>

Use the match address command to assign an IP access-list to a crypto map definition. The access-list

designates the IP packets to be encrypted by this crypto map. See ip access-list extended <listname> on

page 170 for more information on creating access-lists.

Syntax Description

Enter the name of the access-list you wish to assign to this crypto map.

Default Values

By default, no IP access-lists are defined.

Command Modes

(config-crypto-map)# Crypto Map Configuration Mode (IKE or Manual)

Command History

Release 4.1 Command was introduced

Functional Notes

Crypto map entries do not directly contain the selectors used to determine which data to secure. Instead, the

crypto map entry refers to an access control list. An access control list (ACL) is assigned to the crypto map

using the

match address

command (see

crypto map

on page 157). If no ACL is configured for a crypto map,

then the entry is incomplete and will have no effect on the system.

The entries of the ACL used in a crypto map should be created with respect to traffic sent by the ADTRAN

product. The source information must be the local ADTRAN product, and the destination must be the peer.

Only extended access-lists can be used in crypto maps.

Usage Examples

The following example shows setting up an access-list (called

NewList

) and then assigning the new list to a

crypto map (called

NewMap

(config)#

ip access-list extended NewList

Configuring New Extended ACL "NewList"

(config-ext-nacl)#

exit

(config)#

crypto map NewMap 10 ipsec-manual

(config-crypto-map)#

match address NewList

1 2 ... 279 280 281 282 283 284 285 286 287 288 289 ... 567 568

Komentarze do niniejszej Instrukcji

Brak uwag

ADTRAN Stub Routing Dokumentacja Strona 284

Komentarze do niniejszej Instrukcji

Powiązane produkty i podręczniki dla Networking ADTRAN Stub Routing