Chapter 4

Configuration via the Command Line Interface

Always-on connection This parameter determines whether the connection is permanently enabled or not. [alwayson] By default this parameter is set to disabled. In this case the IPSec connection is

started only when traffic is sent that complies with the IPSec policy, or if the connection is started manually.

When enabled, the connection is started as soon as the SpeedTouch™ is operational.

Descriptors [descr] One or more alternative security descriptors can be defined for a connection. If more than one selector is defined, the initiator presents these alternative proposals during the Phase 2 negotiations. The responder selects a descriptor complying with its capabilities. A responder with multiple descriptors matches the proposed security descriptors with its own capabilities, and selects one preferred descriptor.

Options [options] This parameter refers to the symbolic name of an option list. The options are handled in a separate chapter, discussing the advanced features. For a basic IPSec configuration, no option list is selected.

State [state] This setting allows enabling or disabling the connection.

144

E-DOC-CTC-20051017-0169 v0.1

 

Page 145 Page 147
Page 146
Image 146
Nortel Networks 620, 608(WL) manual 144
Page 145 Page 147
Top Page Image Contents