ip crypto-group

Last Updated : Apr 12, 2018 |

Activates a crypto-list in the context of the interface on which the crypto-list is activated. Use no ip crypto-group to deactivate a crypto-list.

The command applies to the following interfaces:

Serial
FastEthernet
Dialer

Note:

This command applies also to the VLAN interface, but this option is not recommended.

Most IPSec VPN parameters cannot be modified if they are linked to an active crypto-list. To modify a parameter linked to an active crypto-list, you must first deactivate the list using the no ip crypto-group command in the context of the interface on which the crypto-list is activated.

Syntax

[no] ip crypto-group crypto-list-id

Parameters


Parameter	Description	Possible Values	Default Value
crypto_list_id	The crypto-list number	901-999

User level

read-write

Context

interface:Serial (DS1 PPP L2, DS1 PPP L2-L3, DS1 FR-SUB L2, DS1 FR-SUB L2-L3, USP PPP L2, USP PPP L2-L3), FastEthernet (L2, L2-L3, PPP L2, PPP L2-L3, PPP L3), Dialer (L2, L2-L3), VLAN (L2, L2-L3)

Example

To activate crypto-list 901:

Gxxx-001(if:Serial 4/1)# ip crypto-group 901

Send Feedback

AVAYA DOCUMENTATION CENTER

No results found