▀ Configuring the System to Perform as a Femto Network Gateway
This example shows default values.
Creating IPSec Transform Sets
Use the following configuration example to create the required number of IPSec transform sets:
configure
context <fng_context_name>
ipsec transform-set <ipsec_tset1>
encryption aes-cbc-128
group 2
hmac sha1-96
mode tunnel
exit
This example shows default values.
Creating the Crypto Template
Use the following configuration example to create the crypto template used to define a cryptographic policy for the
FNG service:
configure
context <fng_context_name>
crypto template <crypto_template_name> ikev2-subscriber
certificate <name>
natt
authentication eap profile <eap_profile_name>
ikev2-ikesa transform-set list <ikev2_ikesa_tset1>
payload <payload_name_1> match childsa
▄ Cisco ASR 5000 Series Femto Network Gateway Administration Guide
44
ip-address-allocation dynamic
ipsec transform-set list <ipsec_tset1>
exit
Femto Network Gateway Configuration
OL-24872-01