Configuring a Local Endpoint for an IPsec Transport Profile

You can use the local ip address command to specify the local endpoint (for L2TP, the LNS address) of the IPsec transport connection and enter into Local IPsec Transport Profile Configuration mode.

You can enter the local ip address command multiple times in an IPsec transport profile. You can enter a fixed IP address or the wildcard address, 0.0.0.0. The wildcard address has a lower precedence than a fixed IP address.

Caution: We recommend that you do not use address 0.0.0.0 because it allows any address to accept IKE calls and it creates a group preshared key, which is not fully secure.

To specify the local endpoint of the IPsec transport connection:

host1(config-ipsec-transport-profile)#local ip address 192.168.1.2 host1(config-ipsec-transport-profile-local)#

Use the no version to delete the IP address.

Related Documentation