Configuring a Crypto Map
A crypto map pulls together the transform sets and crypto ACLs and associates
them with a remote peer. A sequence number can be used when configuring
a crypto map. Multiple crypto maps with the same name but different
sequence numbers form a crypto map set. Traffic is evaluated against each
crypto map depending on its sequence number to see whether it should be
protected. This permits more complex and granular traffic filtering.
The following example shows a crypto map that links the transform set and
ACL configured in previous examples:
IPSEC_RTR(config)#crypto map TO_SERVERS 10 ipsec-isakmp
% NOTE: This new crypto map will remain disabled until a peer
and a valid access list have been configured.
IPSEC_RTR(config-crypto-map)#set peer 10.1.1.1
IPSEC_RTR(config-crypto-map)#match address 172
IPSEC_RTR(config-crypto-map)#set transform-set TRANSFORM1