Manuals / Nortel Networks / Computer Equipment / Network Card

Nortel Networks 608(WL), 620 manual Example IPSec connection, applying the default peer concept

Models: 620 608(WL)

1 222
Download 222 pages 37.22 Kb
Page 201
Image 201

Example IPSec connection, applying the default peer concept

Chapter 6

Advanced Features

SpeedTouch™ [1] IPSec peer configuration:

[ipsec peer]=>add name = rempeer2

:ipsec peer add name=rempeer2 [ipsec peer]=>modify

name = rempeer2 [remoteaddr] = 40.0.0.2

[backupaddr] = [exchmode] = main [localid] =

[remoteid] = (addr)40.0.0.2 [phyif] = DIALUP_PPPOE

[descr] = AES_MD5 [auth] = secret1 [client/server] = [options] =

:ipsec peer modify name=rempeer2 remoteaddr=40.0.0.2 remoteid=(addr)40. 0.0.2

[ipsec peer]=>

The parameter localid can remain either unset, or an identifier type can be used that is independent of the IP address, such as the userfqdn.

SpeedTouch™ [2] IPSec peer configuration:

[ipsec peer]=>add name = rempeer1

:ipsec peer add name=rempeer1 [ipsec peer]=>modify

name = rempeer1 [remoteaddr] = 0.0.0.0

[backupaddr] = [exchmode] = main [localid] = (addr)40.0.0.2 [remoteid] =

[phyif] = DIALUP_PPPOE

[descr] = 3DES_MD5 [auth] = secret1 [client/server] = [options] =

:ipsec peer modify name=rempeer1 remoteaddr=0.0.0.0 exchmode=main phyif =DIALUP_PPPOE descr=3DES_MD5 auth=secret1

[ipsec peer]=>

The parameter remoteid remains unset. Any value will be accepted during the Phase 1 negotiation.

When configured with a default peer, the SpeedTouch™ [2] will never be able to initiate outgoing connections as it does not know any IP address of a remote peer. It can operate in responder mode only.

E-DOC-CTC-20051017-0169 v0.1

199

 

Page 200 Page 202
Page 201
Image 201
Nortel Networks 608(WL), 620 manual Example IPSec connection, applying the default peer concept
Page 200 Page 202