Manualshelf

user manual

ManualsBrandsCisco Systems ManualsComputer AccessoriesComputer Accessories OL-4344-01
11121314151617181920
1-12
Cisco IP Solution Center, 3.0: MPLS VPN Management User Guide, 3.0
OL-4344-01
Chapter 1 About Cisco IP Solution Center
Using Templates to Customize Configuration Files
Mapping IPsec Tunnels to MPLS VPNs
Provisioning network-based IPsec VPNs in order to map IPsec tunnels to MPLS VPNs involves both
MPLS and IPsec services in IP Solutions Center. Thus, it is necessary to create both MPLS and IPsec
policies, as well as MPLS and IPsec service requests. For details, see Chapter 6, “Mapping IPsec to
MPLS VPN.
The IPsec terminating router resides on the service provider premises. IPsec tunnels from various
customers are aggregated on this router. This may be either a PE router or a Multi-VRF CE router.
Depending on which type of device is employed, the IPsec- to-MPLS mapping is either the “one-box”
solution or a “two-box” solution. In the “one-box” solution, the service provider uses a PE router as the
IPsec aggregator, whereas in the “two-box” solution, the service provider uses a Multi-VRF CE router
for IPsec aggregation in conjunction with a PE router.
Two types of IPsec tunnels can be terminated on the IPsec aggregator (PE or Multi-VRF CE router):
Site-to-site IPsec tunnels: A tunnel between a customers CE router and the IPsec aggregator.
Remote access IPsec tunnels: A tunnel initiated from a VPN client, for example, a Windows
workstation running Cisco IPsec VPN Client software.
Using Templates to Customize Configuration Files
The Template Manager in ISC is a provisioning system that provides fast, flexible, and extensible Cisco
IOS command generation capability. The Template Manager defines standard templates to generate
Cisco IOS configurations for common provisioning tasks, such as common IPv4, QoS, and VPN
provisioning.
A template file is a file created by the Template Manager that stores a ISC template definition.
A template data file is a text file that stores variable values to generate the template file. A valid data
file contains name-value pairs for all the variables defined in a template. Each template file can be
associated with multiple data files; however, note that each data file can only be associated with a
single template. You can select which data file to use to generate a template. The filename suffix for
data files is .dat.
A template configuration file is an IOS configuration file that stores the Cisco IOS commands
created by the Template Manager. A template configuration file can be either a partial or complete
configuration file. When you generate a template configuration file using a particular data file, the
template configuration filename is the same as the data file’s name.
The template data files are tightly linked with its corresponding template. You can use a data file and its
associated template to create a template configuration file. The template configuration file is merged
with (either appended to or prepended to) the ISC configlet. ISC downloads the combined configlet to
the edge device router.
You can apply the same template to multiple edge devices, assigning the appropriate template data file
for each device. Each template data file includes the specific data for a particular device (for example,
the management IP address or host name of each device).