To create an MC IPsec group
Purpose
Perform this procedure to create an MC IPsec group of ISA tunnels. You can create up to 16 MC IPsec groups on each MC peer site.
Note: You must first assign an ISA tunnel group to each MC peer site. You must enable the Multiple Active ISA Support parameter on each ISA tunnel group for MC IPsec. You can create ISA tunnel groups when you configure the MC IPsec peer groups.
Alternatively, you can create ISA tunnel groups on the peer NEs before you perform this procedure. See To configure an ISA-tunnel group .
You must first ensure that MC IPsec is enabled on the MC peer group and ensure that the peers are configured for MC IPsec. See To configure MC IPsec on an MC peer group for more information.
An MC IPsec group can exist only when there is a member pair of MC IPsec tunnel groups between MC peer NEs. If one member of a tunnel group is deleted or changed from one peer NE, the NFM-P global MC IPsec group is also deleted or changed.
Steps
1 |
Choose Manage→Redundancy→Node Redundancy from the NFM-P main menu. The Manage Node Redundancy form opens. |
2 |
Choose MC Peer Group (Multi-Chassis) from the drop-down menu and click Search. A list of MC Peer Groups is displayed. |
3 |
Choose an MC peer group and click Properties. The MC Peer Group (Edit) form opens. |
4 |
Click on the Associated Groups tab. |
5 |
Right-click on the MC IPsec Group object in the components tree and choose Create MC IPsec Group. The MC IPsec Group (Create) form opens. |
6 |
Configure the Synchronization Tag parameter. |
7 |
Configure an MC IPsec tunnel group. You must configure the tunnel group in each of the following panels: Perform the following:
|
8 |
Click OK. The MC IPsec Group (Create) form closes. |
9 |
Close the MC Peer Group (Edit) form. |
10 |
Close the Manage Node Redundancy form. End of steps |