The fourth task in configuring Cisco IOS IPSec is to configure the
IPSec parameters that were previously gathered. This section presents the steps
used to configure IPSec. The general steps and commands used to configure IPSec
encryption on Cisco routers are summarized as follows
:
- Configure transform set suites with the crypto ipsec
transform-set command.
- Configure global IPSec security association lifetimes with the
crypto ipsec security-association lifetime command.
- Configure crypto access lists with the access-list
command.
The rest of the steps used to configure IPSec parameters for IKE RSA
signature keys are as follows:
- Configure crypto maps with the crypto map command.
- Apply the crypto maps to the terminating or originating interface with the
interface and the crypto map
commands.