Solved: PIX VPN Basics - What traffic is encrypted.

alan.morris · ‎04-08-2004

I had understood that the CRYPTO MAP MATCH ADDRESS command linked with the ACL identifies the traffic to be encrypted, however we have a new client with and exisiting operational VPN configuration that does not have the MATCH ADDRESS argument viz:

crypto ipsec transform-set myset esp-des esp-md5-hmac

crypto dynamic-map cisco 30 set transform-set myset

crypto map myname 30 ipsec-isakmp dynamic cisco

crypto map myname interface outside

Can anyone give me a clue how this works please? The system is a PIX515E running 6.1.(1).

stomasko · ‎04-08-2004

The crypto dynamic-map is part of the Easy VPN setup.

Read the description for the crypto dynamic-map command from the command reference below.

http://www.cisco.com/en/US/products/sw/secursw/ps2120/products_command_reference_chapter09186a00800ec9e8.html#1026681

An example of the configuration is show on the link below.

http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_configuration_example09186a008019e6d7.shtml

Hope these help clear things up.

Steve

View solution in original post

stomasko · ‎04-08-2004