Adding and Editing a Crypto Map

To add or edit a profile's VPN crypto map settings:

  1. Go to Configuration → Profiles → Manage Profiles .

    Select a target profile from those displayed on the screen.

  2. Expand Security and select VPN..

  3. Select the VPN Crypto Map tab.

  4. If requiring a new crypto map configuration, select the Add button. If updating the configuration of an existing crypto map, select it from amongst those available and select the Edit button.

  5. If adding a new crypto map, assign it a name up to 32 characters in length as a unique identifier. Select the Continue button to proceed to the VPN Crypto Map screen.

    Click to expand in new window
    GUID-7C6A2CD6-594B-4CD9-AACD-CD21119BE741-low.png
  6. Review the following before determining whether to add or modify a crypto map configuration

    Sequence

    Each crypto map configuration uses a list of entries based on a sequence number. Specifying multiple sequence numbers within the same crypto map, provides the flexibility to connect to multiple peers from the same interface, based on the sequence number (from 1 - 1,000).

    Type

    Displays the site-to-site-manual, site-to-site-auto or remote VPN configuration defined for each listed crypto map configuration.

    IP Firewall Rules

    Lists the IP firewall rules defined for each displayed crypto map configuration. Each firewall policy contains a unique set of access/deny permissions applied to the VPN tunnel and its peer connection.

    IPSec Transform Set

    Displays the transform set (encryption and hash algorithms) applied to each listed crypto map configuration. Thus, each crypto map can be customized with its own data protection and peer authentication schemes.

  7. If requiring a new crypto map configuration, select the Add button. If updating the configuration of an existing crypto map, select it from amongst those available and select the Edit button.