Chapter 4. IOS IPsec Implementation

The following chapter reviews the modes of encapsulation used within IPsec by describing tunnel and transport modes and how these are used. If you have not read chapter 1, “Introduction to IPsec VPNs,”—which describes tunnel and transport mode, it may be prudent to do so before starting this chapter.

Before tunnel interfaces are described, crypto map should be discussed. A crypto map is a Cisco IOS software configuration attribute that performs a number of functions related to setting up an IPsec Security Association. Within a crypto map, data flows are defined that are to be protected by the SA and require security processing or traffic that is required to be bypassed; these are referenced with an access control ...

Get IKEv2 IPsec Virtual Private Networks: Understanding and Deploying IKEv2, IPsec VPNs, and FlexVPN in Cisco IOS now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.