IOS crypto keyring ezvpn-spokes command

Answered Question
Mar 6th, 2010
User Badges:

Hi,


In the SNF 2.0 templates documents I see that the command below is required for ezvpn configuration at the IOS server.

crypto keyring ezvpn-spokes
  pre-shared-key address 0.0.0.0 0.0.0.0 key #####

I have seen other ezvpn config templates where this command is not used. Is this command a requiment for ezvpn server configuration?

this would be to provide  connectivity for ezvpn clients using cisco vpn client software and for ezvpn remote tele router configuration.


Any body have and insight onto this.


Andy

Correct Answer by Federico Coto F... about 7 years 1 month ago

Hi,


A keyring is a repository of preshared and (RSA) public keys.
The keyring is used in the ISAKMP profile configuration mode.
The ISAKMP profile successfully completes authentication of peers if the peer keys
are defined in the keyring that is attached to this profile.


This command is not mandatory, is just a way to match a keyring to an ISAKMP profile
(if using profiles).


Federico.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
Correct Answer
Federico Coto F... Mon, 03/08/2010 - 15:35
User Badges:
  • Green, 3000 points or more

Hi,


A keyring is a repository of preshared and (RSA) public keys.
The keyring is used in the ISAKMP profile configuration mode.
The ISAKMP profile successfully completes authentication of peers if the peer keys
are defined in the keyring that is attached to this profile.


This command is not mandatory, is just a way to match a keyring to an ISAKMP profile
(if using profiles).


Federico.

networkwise Mon, 03/08/2010 - 16:12
User Badges:

Thanks Federico for the clarification that helps.


Andy


.

Actions

This Discussion