Chapter 4
Configuration via the Command Line Interface
4.7 Connection
What is ... A Connection bundles all the parameters required for the PH2 SA negotiation:
Peer
Reference, pointing to the peer configuration to be used. In fact, this refers to the IKE channel used for the Phase 2 negotiations.
Local/remote range
Range of private IP addresses to which the IPSec policy applies.
Reference to the Network Descriptors or expressed by a dynamic policy.
Connection Security Descriptor
Reference to the Phase 2 Security Descriptor grouping the security parameters.
The Connection parameters are explained in section 4.7.1.
How is it used A Connection can be successfully configured from the moment when a Connection Security Descriptor is present in the SpeedTouch™.
The local and remote private networks can be described either by a valid Network Descriptor, or by a keyword present in the SpeedTouch™. When the IPSec policy is expressed as a static policy, a Network Descriptor describes the local and remote private networks. As a consequence, some valid Network Descriptors must be defined prior to the successful definition of a Connection.
When using a dynamic policy, the networks are described by keyword (see section 4.7.1).
In this section The following topics are discussed in this section:
Topic | Page |
|
|
4.7.1 Connection Parameters | 142 |
|
|
4.7.2 List all Connections | 145 |
|
|
4.7.3 Create a New Connection | 146 |
|
|
4.7.4 Set or Modify the Connection Parameters | 147 |
|
|
4.7.5 Delete a Connection | 148 |
|
|
4.7.6 Start a Connection | 149 |
|
|
4.7.7 Stop a connection | 150 |
|
|
141 | |
|
