INDEX
Call Admission Control. See CAC.
A
certificate autoenrollment
access control list
configuration (example)
See ACL
configuring
access port
9-26
certificate revocation list. See CRL.
configuration (example)
configuring
3-27
3-7
configuration (example)
configuring
crypto, described
2-2
platform, configuring
9-2
certificate security attribute-based access control
ACL
9-61
9-41
certificate to ISAKMP profile mapping
8-15
sequenced, configuring
configuration (examples)
8-16
configuring
clear crypto sa command
AES
console error messages
configuration (example)
7-22, 8-20
SSC-600
7-2, 8-2
VSPA
CoS
6-3, 6-8
AGU
CRL
9-2
anti-replay window size, configuring
8-5
crypto ACL
13-20
13-2
13-2
aggregatable global unicode address. See AGU.
8-18
7-22
7-5
Advanced Encryption Standard. See AES.
configuring
9-59
2-2
crypto conditional debug support
13-22
crypto-connect mode
B
configuring ports
defined
BFG
configuration (example)
configuring
3-5
crypto key generate rsa command
crypto map
13-21
9-4
2-2
crypto pki trustpoint command
blade failure group. See BFG.
blank filler plate
2-3
guidelines and restrictions
11-19
11-10
troubleshooting
3-4
9-4
13-25
D
C
Dead Peer Detection. See DPD.
debug crypto ace b2b command
CAC
configuration (examples)
configuring
7-15
7-23
13-21
deny policy enhancements
configuration (example)
8-26
Cisco VPN Services Port Adapter Configuration Guide
OL-16406-01
IN-1
Index
diagnostics
defined
13-3
direct HTTP enrollment with CA servers
configuration (examples)
configuring
not supported on spoke
G
distinguished name-based crypto maps
configuring
8-24
Generic Routing Encapsulation. See GRE tunneling.
8-13
GRE tunneling
dMLPPP (Multilink PPP)
with IPSec VPN SPA
configuration (example)
3-20
configuring
DMVPN
3-38
3-21
takeover criteria
configuring
10-3
9-54
9-15
configuration (example)
4-2
3-23
10-2
DMVPN (Dynamic Multipoint VPN)
hub in configuration (example)
10-18
spoke configuration (example)
10-19, 10-20
DPD
I
IKE policy
troubleshooting
configuration (examples)
configuring
7-24
inside port, configuring
7-17
inside VLAN
Dynamic Multipoint VPN
See DMVPN
13-22
3-6
1-1
inside VRF (IVRF)
10-2
See IVRF
interface VLAN
4-2
1-1
IP multicast over a GRE tunnel
E
configuration (example)
Easy VPN client, configuring
10-16
configuring
Easy VPN remote RSA signature
configuring
enhanced
10-16
configuration (example)
4-35
IPsec anti-replay window size
10-15
configuration (examples)
10-15
configuring
router-side configuration (example)
10-21
encrypted preshared key
configuration (example)
configuring
3-25
IP multicast over a VTI tunnel
Easy VPN server
configuring
3-42, 4-31
8-21
8-5
IPsec NAT transparency, configuring
7-19
IPsec preferred peer
7-23
7-13
configuration (examples)
configuring
8-23
8-8
IPsec prefragmentation
configuration (examples)
F
5-13
IPsec security association (SA) idle timer
configuration (examples)
front door VRF
See FVRF
4-2
FVRF
configuring
8-24
8-12
IPsec stateful failover using a blade failure group (BFG)
Cisco VPN Services Port Adapter Configuration Guide
IN-2
OL-16406-01
Index
configuration (example)
configuring
configuration (examples)
11-19
configuring
11-10
IPsec stateless failover using HSRP
active chassis configuration (example)
configuring
11-15
mGRE
enabling
11-16
configuring
of RSA key
12-9
configuring
IPsec VPN monitoring
configuring
5-11
Multicast over a GRE tunnel
configuration (example)
12-10
configuring
12-2
IPv6 IPsec
3-25
configuration (example)
8-18
configuration (example)
8-26
configuration (example)
8-17
configuration (example)
7-22
4-35
multiple RSA key pairs
ISAKMP keyrings and peer filtering
configuring
9-53
9-3
multiple VSPAs in a chassis
configuration (example)
IVRF
defined
3-42, 4-31
Multicast over a VTI tunnel
configuration
support
9-4
MTU
12-4
configuration (example)
10-3
modulus
IPsec VPN accounting
configuration (example)
9-21
maximum transmission unit. See MTU.
11-3
remote router configuration (example)
9-56
configuring
4-2
11-12
11-2
multipoint GRE
See mGRE
K
key rollover for certificate renewal
configuration (examples)
configuring
9-59
9-30
10-3
N
NAT keepalives
configuration (example)
7-24
Next Hop Resolution Protocol
L
See NHRP
NHRP
LAF
configuring
LDAP
10-2
10-2
5-2
9-2
Lightweight Directory Access Protocol. See LDAP.
Look-Ahead Fragmentation. See LAF.
O
OCSP
configuration (example)
M
manual certificate enrollment (TFTP and cut-and-paste)
configuring
9-60
9-37
OIR
for carrier card
1-2
Cisco VPN Services Port Adapter Configuration Guide
OL-16406-01
IN-3
Index
for module
for SPAs
query multiple servers during certificate revocation check
1-2
configuration (example)
13-25
Online Certificate Status Protocol. See OCSP.
online diagnostics
configuring
9-60
9-36
13-3
online insertion and removal. See OIR.
outside port, configuring
R
3-6
Reverse Route Injection. See RRI.
routed port
P
configuration (example)
parameter command
9-17
persistent self-signed certificates
configuration (examples)
configuring
PIM
configuring
3-10
configuring
8-3
3-30
RRI
9-63
rsakeypair command
9-49
9-4
RSA signature storage, configuring
3-25
10-16
PKI AAA authorization using the entire subject name
configuration (example)
configuring
9-62
S
9-45
PKI query multiple servers during certificate revocation
check
configuration (example)
configuring
port VLAN
9-60
configuration (example)
clearing
13-20
set identity command
PPP (Point-to-Point Protocol)
with IPSec VPN SPA
8-14
show commands
3-20
for VSPA
protected private key storage
configuration (example)
7-22
security associations
9-36
1-1
configuring
Safenet IPSec client support
13-7
show crypto ace redundancy
9-53
13-18
show crypto ace redundancy command
9-5
show crypto ca certificates
13-12
show crypto ca trustpoints command
show crypto eli command
Q
13-18
13-12
1-11
show crypto engine accelerator statistic command
QoS
1-11,
13-4
carrier, configuration (example)
configuring
6-13
show crypto ipsec sa command
7-20, 13-9
show crypto ipsec transform-set command
6-1
module, configuration (example)
platform, configuration (example)
6-13
6-11
show crypto isakmp policy command
show crypto isakmp sa command
13-9
13-8
13-10
quality of service. See QoS.
show crypto key mypublickey rsa command
13-11
query mode definition per trustpoint
show crypto key pubkey-chain rsa command
13-11
configuration (example)
configuring
9-54
9-12
show crypto map command
13-9
show crypto redundancy linecard-group command
13-18
Cisco VPN Services Port Adapter Configuration Guide
IN-4
OL-16406-01
Index
show crypto session
VRF mode
13-13
show crypto sockets command
show crypto vlan command
show diagbus command
configuring VTI
13-7, 13-8, 13-19
defined
13-3
show hw-module slot fpd command
show interfaces trunk command
show interfaces tunnel
configuration (examples)
13-18
inside VRF (IVRF)
13-18
show module command
1-10
configuring
9-62
4-5
4-11
VSPA
VPN running state, displaying
3-20
VTI
9-47
configuring in VRF mode
subslots
defined
description
11-10
with tunnel protection
13-18
source interface selection for outgoing traffic with
certificate authority
configuring
4-4
4-2
without tunnel protection
show redundancy linecard-group command
configuration (example)
4-2
with chassis-to-chassis stateless failover
13-19
show ip nhrp command
2-4, 4-1
guidelines and restrictions
13-8
13-13
show ip mroute command
4-15
front door VRF (FVRF)
13-6
4-21
4-15
4-15
1-2
system error messages
SSC-600
VSPA
W
13-2
13-2
WAN interfaces
ATM configuration (example)
configuring
T
3-19
POS configuration (example)
transform sets
3-36
serial port configuration (example)
troubleshooting
13-22
trunk port
configuration (example)
configuring
3-35
WS-IPSEC-3
1-2
WS-SSC-600
1-2
3-37
3-32
3-14
trustpoint CA
configuration (example)
configuring
9-54
9-8
V
Virtual Tunnel Interface. See VTI.
VPN sessions, monitoring and managing
12-2
VRF-aware IPSec. See VRF mode.
VRF instance, defined
VRF-lite
4-2
2-9
Cisco VPN Services Port Adapter Configuration Guide
OL-16406-01
IN-5
Index
Cisco VPN Services Port Adapter Configuration Guide
IN-6
OL-16406-01