The ipsec efficient-vpn command binds an Efficient VPN policy to an interface.
The undo ipsec efficient-vpn command deletes the Efficient VPN policy from an interface.
By default, no Efficient VPN policy is applied to an interface.
Parameter |
Description |
Value |
|---|---|---|
efficient-vpn-name |
Specifies the name of an Efficient VPN policy. |
The value is an existing Efficient VPN policy name. |
Usage Scenario
When many branches and traveling staff connect to the headquarters over IPSec tunnels, similar or duplicate IPSec configurations and other network resource configurations must be configured on the branch and headquarters gateways. The Efficient VPN solution uses centralized IPSec configurations on the headquarters gateway and simplified IPSec configuration on each branch gateway. This solution reduces the manual configuration workload, and facilitates IPSec VPN configuration and maintenance.
Prerequisites
An Efficient VPN policy has been created using the ipsec efficient-vpn (system view) command.
Precautions
If an Efficient VPN policy is used to establish an IPSec tunnel between the enterprise branch and headquarters, apply the Efficient VPN policy to the branch gateway and use an IPSec policy template on the headquarters gateway to create an IPSec policy.