# Example configuration for a Cisco device crypto isakmp policy 10 encr aes hash sha authentication pre-share group 2 lifetime 86400 crypto isakmp key YOUR_PRESHARED_KEY address AWS_VPN_ENDPOINT crypto ipsec transform-set myset esp-aes esp-sha-hmac crypto map mymap 10 ipsec-isakmp set peer AWS_VPN_ENDPOINT set transform-set myset match address 101 interface GigabitEthernet0/0 crypto map mymap access-list 101 permit ip YOUR_ON_PREMISES_NETWORK 0.0.0.255 AWS_VPC_CIDR_BLOCK 0.0.0.255