SDM can guide administrators through a simple VPN configuration.
The VPN Wizard is accessible by clicking the VPN icon
. The following
two options are available in the Wizard:
- Create a Site-to-Site VPN – This option allows administrators to create a
VPN network connecting two routers.
- Create a Secure GRE Tunnel (GRE-over-IPSec) – This option allows
administrators to configure a generic routing encapsulation protocol (GRE)
tunnel between the router and a peer system.
When using the site-to-site VPN Wizard, SDM can be allowed to use
default settings for most of the configuration values, or SDM can be used to
guide the administrator in configuring a VPN.
Quick Setup
To quickly configure a site-to-site VPN using SDM-provided defaults, check
Quick setup, and then click Next
. SDM
will automatically provide a default IKE policy to govern authentication, a
default transform set to control the encryption of data and a default IPSec
rule that will encrypt all traffic between the router and the remote
device.
Quick setup is best used when both the local router and the
remote system are Cisco routers using SDM.
Quick setup will configure
3DES encryption if it is supported by the IOS image. Otherwise, it will
configure DES encryption. If AES or SEAL encryption is needed, click
Step-by-step wizard.
To view the default IKE policy, transform
set, and IPSec rule that will be used to configure a One-step VPN, Click
View Defaults.
Step-by-Step Wizard
To configure a
site-to-site VPN using specified parameters, Check Step-by-Step wizard,
and then click Next. A custom configuration for the VPN can be created.
Any of the SDM default parameters that are need can be used in the
configuration. The Step-by-step wizard allows the administrator to specify
stronger encryption than the Quick setup wizard allows.