Skip navigation
Login   |   Register
Cisco Learning Home > Certifications > CCIE Security > Discussions


This Question is Not Answered 1 Correct Answer available (4 pts) 2 Helpful Answers available (2 pts)
6373 Views 1 Reply Latest reply: Apr 19, 2012 8:14 AM by CiscoLoco - CCNP RSS

Currently Being Moderated

Difference between Crypto Map and Crypto IPsec Profile ?

Apr 19, 2012 4:09 AM

Extreme-Networks 8 posts since
Jul 3, 2010



What is the difference in using Crypto map and Crypto IPsec profile ?


What are the pros and cons while using each of them.


Please explain.




  • CiscoLoco - CCNP 1,314 posts since
    Feb 11, 2009

    You cannot use an IPSEC profile without having a crypto map.  Within the crypto map you can apply the ipsec profile.  You could do this if you multiple tunnels that obviously have different peer address and differnt "interesting traffic" acls but will use simliar other configurations like transform set and pfs value.


    For Ex


    Define the IPSEC Profile  -


    crypto ipsec profile TEST-Profile

    set transform-set 3DES-SHA

    set pfs group 2


    Then within you crypto maps you can apply the profile you just created


    crypto map TEST 10 ipsec-isakmp

    set peer

    match address 100

    set profile TEST-Profile


    crypto map TEST 20 ipsec-isakmp

    set peer

    match address 200

    set profile TEST-Profile

    Join this discussion now: Login / Register


More Like This

  • Retrieving data ...

Bookmarked By (0)