Remote Identifier [remoteid]

Chapter 4

Configuration via the Command Line Interface

This parameter identifies the remote Security Gateway during the Phase 1 negotiation. This identity must match the settings in the remote Security Gateway in order to successfully set up the IKE Security Association. The identity types supported in the SpeedTouch™ are listed in the following table.

Identity type

Keyword

Examples

 

 

 

 

 

10.0.0.1

IP address

(addr)

0.0.0.0 (any IP address

 

 

accepted)

 

 

 

Fully qualified domain name

(fqdn)

sales.corporate.net

 

 

 

User fully qualified domain

(userfqdn)

john.doe@corporate.net

name

*.corporate.net

 

 

 

 

Distinguished name

(dn)

dc=corpor,uid=user

 

 

 

Key identity

(keyid)

cisid

 

 

 

any

(any)

 

 

 

 

In order to make the configuration of a VPN server independent of the number of VPN clients, wildcards can be used in the userfqdn, as shown in the table above. For example, *.corporate.net will match with any e-mail address in the domain corporate.net.

The use of wildcards allows simultaneous connections with multiple VPN clients, derived from a single peer profile.

E-DOC-CTC-20051017-0169 v0.1

121

 

Page 122 Page 124
Page 123
Image 123
Nortel Networks 608(WL), 620 manual Remote Identifier remoteid, Corporate.net
Page 122 Page 124
Top Page Image Contents