Chapter 2
SpeedTouch™ IPSec terminology
2.4 Peer (Phase 1)
What is ... The Peer is a term that refers to the remote Security Gateway to which the IPSec secure tunnel(s) will be established. In a first phase, an IKE Security Association is negotiated between the SpeedTouch™ and a remote Security Gateway (peer). In the configuration of the SpeedTouch™, the Peer bundles all the parameters required to negotiate an IKE Security Association (Phase 1 SA), such as:
Address
The public IP address of the remote IPSec peer. Eventually a backup address can be defined.
Local ID
The identity of the local peer, which is presented to the remote peer during the
Phase 1 negotiation. Various identity types are supported, such as: IP address,
Distinguished Name. FQDN, etc.
Remote ID
Similar to the Local ID, this parameter identifies the remote peer during the
Phase 1 negotiation. Various identity types are supported, such as: IP address,
Distinguished Name. FQDN, etc.
Authtype
Authentication method used: preshared key or with certificates.
XAuth user and password
Allows for a secondary authentication based on a legacy authentication system
Descriptor
Refers to the Phase 1 security descriptor
The complete list of parameters is found in section “4.4 Peer” on page 118 and in the CLI Reference Guide.
19 | |
|
