ipsec tunnel <n> command, issued from
config mode, changes to IPsec
tunnel mode. This is denoted by
config-ipsec-tunnel in the prompt.
The identifier number for tunnel entries starts at
0 and increments by one.
To determine the next tunnel number for a new entry, run
ipsec tunnel ? and
TNSR will print the existing tunnel ID numbers.
This command creates an IPsec tunnel with an identifier of
tnsr(config)# ipsec tunnel 0 tnsr(config-ipsec-tunnel)#
The remainder of the configuration is covered in the following sections.
Enable/Disable IPsec Tunnels¶
New IPsec tunnels are in a disabled state by default and must be explicitly enabled:
tnsr(config)# ipsec tunnel <n> tnsr(config-ipsec-tunnel)# enable
Should the need arise to disable the tunnel in the future, the process is similar:
tnsr(config)# ipsec tunnel <n> tnsr(config-ipsec-tunnel)# disable
When disabling a tunnel the configuration can remain in place, but the tunnel will not be loaded into the IPsec daemon.