Configure the PIX Security Appliance as an Easy VPN Server
Tasks 5 through 7 – dynamic crypto map

Task 5– Create Dynamic Crypto Map
Create a dynamic crypto map entry and enter the crypto map configuration mode using the crypto dynamic-map command .

A dynamic crypto map entry is essentially a crypto map entry without all the parameters configured. It acts as a policy template where the missing parameters are later dynamically configured, as the result of an IPSec negotiation, to match the requirements of a remote peer. This allows remote peers to exchange IPSec traffic with the PIX Security Appliance even if the PIX does not have a crypto map entry specifically configured to meet all of the requirements of the remote peer.

Dynamic crypto maps are not used by the PIX Security Appliance to initiate new IPSec security associations with remote peers. Dynamic crypto maps are used when a remote peer tries to initiate an IPSec security association with the PIX. Dynamic crypto maps are also used in evaluating traffic.

Task 6 – Assign the Dynamic Crypto Map to a Static Crypto Map
Add the dynamic crypto map to a static crypto map .

Task 7 – Apply the Crypto Map to an Interface
Apply the crypto map to the outside interface of the PIX Security Appliance .