Chapter 4

Configuration via the Command Line Interface

4.3.3 Create a New Peer Security Descriptor

add command

A new Peer Security Descriptor is created with the ipsec peer descriptor add command.

Example

In the following example, a new Peer Security Descriptor is created, named peerdes1:

=>ipsec
[ipsec]=>peer
[ipsec peer]=>descriptor
[ipsec peer descriptor]=>add name = peerdes1
:ipsec peer descriptor add name=peerdes1
[ipsec peer descriptor]=>

The result of this operation can be verified with the list command.

[ipsec peer descriptor]=>
[ipsec peer descriptor]=>list
[AES_SHA1] : AES(128) SHA1 MODP1024 Lifetime 3600s
[AES_MD5] : AES(128) MD5 MODP1024 Lifetime 3600s
[3DES_SHA1] : 3DES SHA1 MODP1024 Lifetime 3600s
[3DES_MD5] : 3DES MD5 MODP1024 Lifetime 3600s
[DES_SHA1] : DES SHA1 MODP768 Lifetime 3600s
[DES_MD5] : DES MD5 MODP768 Lifetime 3600s
[AES_SHA1_Adv] : AES(256) SHA1 MODP1536 Lifetime 86400s
[peerdes1] :
[ipsec peer descriptor]=>

The output shows that the new descriptor, named “peerdes1”, has been created, but no parameters have been assigned to it yet.
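The same verification can be scripted when reviewing a saved CLI session. The following Python sketch is an added example, not part of the manual: it parses the list output shown above and reports descriptors that have no parameters assigned, plus those using items in LEGACY. The LEGACY set and all function names are this example's own assumptions.

```python
import re

# Constructed sample: the `list` output shown above, one descriptor per line.
SAMPLE = """\
[AES_SHA1] : AES(128) SHA1 MODP1024 Lifetime 3600s
[AES_MD5] : AES(128) MD5 MODP1024 Lifetime 3600s
[3DES_SHA1] : 3DES SHA1 MODP1024 Lifetime 3600s
[3DES_MD5] : 3DES MD5 MODP1024 Lifetime 3600s
[DES_SHA1] : DES SHA1 MODP768 Lifetime 3600s
[DES_MD5] : DES MD5 MODP768 Lifetime 3600s
[AES_SHA1_Adv] : AES(256) SHA1 MODP1536 Lifetime 86400s
[peerdes1] :
"""

# Assumption: this example's own review policy, not taken from the manual.
LEGACY = {"DES", "MD5", "MODP768", "MODP1024"}

ENTRY = re.compile(r"\[(?P<name>[^\]]+)\]\s*:\s*(?P<body>.*)")
PARAMS = re.compile(r"(\S+)\s+(\S+)\s+(MODP\d+)\s+Lifetime\s+(\d+)s")
FIELDS = ("crypto", "integ", "group", "lifetime")

def parse_descriptors(text):
    """Map descriptor name -> parameters, or None when none are assigned."""
    out = {}
    for raw in text.splitlines():
        m = ENTRY.match(raw.strip())
        if not m:
            continue  # prompts, echoed commands and blank lines
        body = m["body"].strip()
        p = PARAMS.fullmatch(body)
        if body and not p:
            raise ValueError(f"unrecognised descriptor line: {raw!r}")
        out[m["name"]] = dict(zip(FIELDS, p.groups())) if p else None
    return out

def review(descriptors):
    """Return (names without parameters, {name: LEGACY items it uses})."""
    empty = [n for n, p in descriptors.items() if p is None]
    legacy = {}
    for n, p in descriptors.items():
        hits = sorted({p["crypto"], p["integ"], p["group"]} & LEGACY) if p else []
        if hits:
            legacy[n] = hits
    return empty, legacy

if __name__ == "__main__":
    empty, legacy = review(parse_descriptors(SAMPLE))
    print("no parameters assigned:", empty)
    print("legacy algorithms or groups:", legacy)
```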

Seven Peer Security Descriptors are pre-defined in the SpeedTouch™, covering the most common settings. In total, up to 40 Security Descriptors can be defined. This total includes both the Peer Security Descriptors and the Connection Security Descriptors (see “4.5 Connection Security Descriptor” on page 127).

E-DOC-CTC-20051017-0169 v0.1
