Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

Navigation
Guide That Contains This Content
[+] Expand All
[-] Collapse All

    Configuring a Local Endpoint for an IPsec Transport Profile

    You can use the local ip address command to specify the local endpoint (for L2TP, the LNS address) of the IPsec transport connection and enter into Local IPsec Transport Profile Configuration mode.

    You can enter the local ip address command multiple times in an IPsec transport profile. You can enter a fixed IP address or the wildcard address, 0.0.0.0. The wildcard address has a lower precedence than a fixed IP address.

    Caution: We recommend that you do not use address 0.0.0.0 because it allows any address to accept IKE calls and it creates a group preshared key, which is not fully secure.

    To specify the local endpoint of the IPsec transport connection:

    • Issue the local ip address command in IPsec Transport Profile Configuration mode.
    host1(config-ipsec-transport-profile)#local ip address 192.168.1.2 host1(config-ipsec-transport-profile-local)#

    Use the no version to delete the IP address.

    Published: 2014-08-12