crypto ipsec transform-set ESP-3DES-SHA esp-3des esp-sha-hmac
crypto ipsec transform-set ESP-AES-128-SHA esp-aes esp-sha-hmac
crypto map mapName 19 match address NAME_40_cryptomap
crypto map mapName set peer IPADDR
crypto map mapName 19 set transform-set ESP-AES-128-SHA
crypto map mapName 20 match address NAME_20_cryptomap
crypto map mapName 20 set peer IPADDR
crypto map mapName 20 set transform-set ESP-3DES-SHA
crypto map mapName interface IFNAME
crypto isakmp identity address
crypto isakmp enable IFNAME
crypto isakmp policy 10
authentication pre-share
encryption 3des
hash md5
group 2
lifetime 86400
crypto isakmp policy 30
authentication pre-share
encryption 3des
hash sha
group 2
lifetime 86400
crypto isakmp policy 50
authentication pre-share
encryption aes
hash sha
group 2
lifetime 28800
I need to be sure that when traffic matches access-list "NAME_40_cryptomap" Isakmp policy 50 are used.
And then traffic matches "NAME_20_cryptomap" isakmp policy 10 are used.
How do i link the crypto map with the specefic isakmp policy?
Regards, Steffen.