This task creates a transform set for the Easy VPN Remote clients to use
when they attempt to build an IPSec tunnel to the router. Use the standard
method for creating a transform set, as shown in Figure
.
Step 1
Add the Group Profile to be Defined
The crypto isakmp client
configuration group command specifies the policy profile of the
group that will be defined and enters ISAKMP group configuration mode.
Use the crypto isakmp client configuration group command
to specify group policy information that needs to be defined or changed
.
Step 2 Configure the ISAKMP Pre-shared Key
Use the
key command in ISAKMP group configuration mode to specify
the ISAKMP pre-shared key when defining group policy information for the mode
configuration push
. This command
must be used if the VPN Client identifies itself to the router with a
pre-shared key.
Step 3 (Optional) Specify the DNS
servers
Specify the primary and secondary DNS servers using the
dns command in ISAKMP group configuration mode
.
Step 4
(Optional) Specify the Windows Internet Name Service (WINS)
servers
Specify the primary and secondary WINS servers using the
wins command in ISAKMP group configuration mode
.
Step 5
(Optional) Specify the DNS Domain
Specify the DNS domain to which a
group belongs by using the domain command in ISAKMP group
configuration mode
.
Step 6
Specify the Local IP Address Pool
Use the pool
command to refer to an IP local address pool, which defines a range of
addresses that will be used to allocate an internal IP address to a VPN
Client.
Use the pool command in the ISAKMP group
configuration mode to define a local pool address
.
 |
NOTE:
The crypto isakmp configuration group command,
which specifies group policy information that needs to be defined or changed,
must be entered before entering the key,
dns, wins, domain,
or pool commands.
|