IP Security
Implementing IPSec for PDN Access Applications
This section provides information on the following topics:
How the IPSec-based PDN Access Configuration Works
Configuring IPSec Support for PDN Access
In covering these topics, this section assumes that ISAKMP crypto maps are configured/used as opposed to manual
crypto maps.
How the IPSec-based PDN Access Configuration Works
The following figure and the text that follows describe how sessions accessing a PDN using IPSec are processed by the
system.
Figure 11.
1
Core service
Services
Source Ctx.
Local Ctx.
Table 9. IPSec PDN Access Processing
Step
Description
OL-25069-03
IPSec PDN Access Processing
6
IPSec Tunnel
or
HA
Crypto ACL
3
Transform
Set(s)
ISAKMP
Policy(ies)
4
P
ISAKMP
D
Crypto
N
Map
5
Destination
Ctx.
2
7
8
9
Security
Gateway
Cisco ASR 5000 Series 3G Home NodeB Gateway Administration Guide ▄
Implementing IPSec for PDN Access Applications ▀
Packet Data
Network
Context
(Ctx.)
Interface
Service or
Configuration
(Cfg.
137