Chapter 4. IOS IPsec Implementation

The following chapter reviews the modes of encapsulation used within IPsec by describing tunnel and transport modes and how these are used. If you have not read chapter 1, “Introduction to IPsec VPNs,”—which describes tunnel and transport mode, it may be prudent to do so before starting this chapter.

Before tunnel interfaces are described, crypto map should be discussed. A crypto map is a Cisco IOS software configuration attribute that performs a number of functions related to setting up an IPsec Security Association. Within a crypto map, data flows are defined that are to be protected by the SA and require security processing or traffic that is required to be bypassed; these are referenced with an access control ...

Get IKEv2 IPsec Virtual Private Networks: Understanding and Deploying IKEv2, IPsec VPNs, and FlexVPN in Cisco IOS now with the O’Reilly learning platform.

O’Reilly members experience live online training, plus books, videos, and digital content from nearly 200 publishers.