Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

IOS crypto keyring ezvpn-spokes command

Hi,

In the SNF 2.0 templates documents I see that the command below is required for ezvpn configuration at the IOS server.

crypto keyring ezvpn-spokes
  pre-shared-key address 0.0.0.0 0.0.0.0 key #####

I have seen other ezvpn config templates where this command is not used. Is this command a requiment for ezvpn server configuration?

this would be to provide  connectivity for ezvpn clients using cisco vpn client software and for ezvpn remote tele router configuration.

Any body have and insight onto this.

Andy

1 ACCEPTED SOLUTION

Accepted Solutions

Re: IOS crypto keyring ezvpn-spokes command

Hi,

A keyring is a repository of preshared and (RSA) public keys.
The keyring is used in the ISAKMP profile configuration mode.
The ISAKMP profile successfully completes authentication of peers if the peer keys
are defined in the keyring that is attached to this profile.

This command is not mandatory, is just a way to match a keyring to an ISAKMP profile
(if using profiles).

Federico.

2 REPLIES

Re: IOS crypto keyring ezvpn-spokes command

Hi,

A keyring is a repository of preshared and (RSA) public keys.
The keyring is used in the ISAKMP profile configuration mode.
The ISAKMP profile successfully completes authentication of peers if the peer keys
are defined in the keyring that is attached to this profile.

This command is not mandatory, is just a way to match a keyring to an ISAKMP profile
(if using profiles).

Federico.

New Member

Re: IOS crypto keyring ezvpn-spokes command

Thanks Federico for the clarification that helps.

Andy

.

1008
Views
0
Helpful
2
Replies