Nortel Networks 620, 608(WL) manual, page 218 of 222
Chapter 6 Advanced Features, page 218
E-DOC-CTC-20051017-0169 v0.1
Contents
SpeedTouch 608WL/620
Trademarks
Copyright
Document Information
Configuration via the Command Line Interface
Troubleshooting SpeedTouch IPSec 161
Advanced Features
Advanced Connection 213
Contents
About this IPSec Configuration Guide
Terminology
Documentation and software updates
About this IPSec Configuration Guide
IPSec Concept for secure IP connections
Topic
Authentication Header
Encapsulated Security Payload
IPSec Concepts
Security Associations
Tunnel Mode
Chapter
SpeedTouch IPSec terminology
Policy
Security Descriptor
Authentication Attribute
Peer Phase
Connection Phase
Network descriptor
Chapter
Configuration via Local Pages
Topic
LAN to LAN Application
Network 10.0.0.0/24 Network 20.0.0.0/24
Remote Gateway Address Known
Remote Gateway Address Unknown
Remote Gateway Address Known
Click
Inactivity Timeout Default value
IKE Exchange Mode
Inactivity Timeout
Primary Untrusted Physical Interface
Parameter Value for AESMD5
IKE Security Descriptors
Layout with additional Descriptors
Layout for pre
Authentication
Shared key
IKE Authentication with Preshared Key
Identity type Keyword Examples
Example of a completed
Click
Remote Gateway Address Unknown
Switch to the Aggressive Mode
Gateway Address Unknown
Inactivity Timeout Default value
IKE Security Descriptors
Layout for pre
IKE Authentication with Preshared Key
Security Descriptors and Miscellaneous
Confirm the IKE Authentication, IKE
Advanced Peers Security Descriptors
Inactivity Timeout Default value
Chapter
Identification Interface
John.doe@corporate.net
Example of a completed
Click
Connections
Protocol
Type Valid network types are Keyword Examples
Network IP field
Parameter
Value for AESMD5TUN
Starting and stopping a connection
VPN Client
Click
Backup Server IP Address or Fqdn IKE Security Descriptor
Server IP Address or
Select When
Advanced Connections Security Descriptors
Chapter
Preshared Secret
Manual Dialup Automatic Start
Local LAN IP range Examples
Set of Server Vendor specific parameters
Method 1 Automatic Start
Starting the VPN Client Connection
Method 2 Manual Start
Dialling VPN Client Connect
Client Identification parameter is Server Vendor specific
Chapter
Closing a Connection
VPN Server
VPN Server
Click
Parameter Value for AESMD5
Layout with additional Descriptors IPSec Security
Example DESMD5TUN
Inactivity Timeout Default value
Virtual IP Range
Netmask
Push IP
Domain name
Identity type Keyword Examples
Remote ID Filter Type and Remote ID Filter
@corporate.net
Click Add User
Certificates
Chapter
Advanced VPN Menu
Advanced Peers sub-pages See
Connection Profiles
Peer Profiles
Local ID type Keyword Examples
Remote ID type Keyword Examples
Chapter
Chapter
Authentication
Parameter Possible values Description
Descriptors page layout Parameter table
Peer Descriptors
Parameter Description
Algorithm
Valid key lengths bits
Hashing algorithm
Diffie-Hellman group Number of bits Keyword
Peer Options
Options
Layout
Peer Profile
Authentication XAuth on page 176 and following
VPN-Client
Chapter
VPN-Server
Chapter
VPN-Server-XAuth
Password
Chap
Connection Profiles
Keyword retrievefromserver
Keyword allocatedvirtualip
Chapter
Networks
What is a Network Descriptor? How is it used?
Type of network and IP address
Chapter
Connection Descriptors
Descriptors page layout
Algorithm Valid key lengths bits
PFS
Kilobytes 30 = 1 073 741
Connection Options
Connection Profile
Client
Configuration via the Command Line Interface
Basic IPSec configuration procedure
What do we want to do? How do we configure it on the SpeedTouch?
Peer Authentication Attribute
Authentication Attribute Parameters
List all Authentication Attributes
Create a New Authentication Attribute
Set or Modify the Authentication Attribute Parameters
Secret1
Delete an Authentication attribute
Peer Security Descriptor
Peer Security Descriptor Parameters
Parameter Keyword Description
Algorithm Valid key sizes Popular sizes Default size Bits
Cryptographic function crypto
List all Peer Security Descriptors
Create a New Peer Security Descriptor
Set or Modify the Peer Descriptor Parameters
Name = peerdes1
Result of this operation is verified with the list command
Delete a Peer Descriptor
Peer
Peer parameters
Peer parameters Parameter Keyword Description
Exchange mode Keyword Valid values
Remote Identifier remoteid
Corporate.net
List all peer entities
Dialuppppoe
Create a new peer entity
Use the list command to verify the results of the operation
Set or modify the peer parameters
Delete a Peer entity
Connection Security Descriptor
Connection Security Descriptor parameters
Encapsulation mode Keyword
List all Connection Security Descriptors
Ipsec=connection
Create a new Connection Security Descriptor
Set the Connection Security Descriptor Parameters
Name = cnctdes1
Delete a Connection Security Descriptor
Network Descriptor Parameters
Type Valid network types Keyword Examples Are
Create a New Network Descriptor
Set the Network Descriptor Parameters
Net1
Delete a Network Descriptor
Connection
Connection Parameters
Connection parameters Parameter Keyword Description
Local network localnetwork Remote network remotenetwork
List all Connections
Create a New Connection
Set or Modify the Connection Parameters
Name = connect1
Delete a Connection
Start a Connection
Stop a connection
Auxiliary Commands
What is it used for Display the VPN configuration settings
Config Command
Control of general VPN settings
AutoProxyARP When do I need ProxyARP
An example of Auto ProxyARP
Flush Command
Clear Command Group
Ipsec command group See
Organisation of the IPSec Command Group
Ipsec clear command group
Ipsec connection command group
Ipsec debug command group
Ipsec peer command group
Ipsec show command group
Troubleshooting SpeedTouch IPSec
Via the Debug Web pages
Security Association should be active
Browse to Expert mode VPN Debug Logging
How to monitor the IPSec negotiations
Browse again to Expert mode VPN Debug Logging
Via the CLI Show command group
Show command group
Via the CLI Debug command group
Severity Contents
Via Snmp
Debugging via Snmp
Ping command Adapting the routing table
Pinging from the SpeedTouch to the remote private network
Advanced Features
IPSec and the Stateful Inspection Firewall
Surfing through the VPN tunnel
Web Browsing Interception and surfing through a tunnel
Extended Authentication XAuth
How does it work
VPN Client parameters
VPN Client parameters Parameter Keyword Description
Create a new vpnclient
Ipsec= Ipsec=peer
Set or modify the vpnclient parameters
Attach the vpnclient entity to the peer entity
Modify the peer parameters Example
VPN Server parameters
VPN Server parameters Parameter Keyword Description
Puship Possible values Description Default value
Create a new VPN server
Set or modify the vpnserver parameters
Attach the vpnserver entity to the peer entity
XAuth Users Pool
XAuth Pool parameters
XAuth Pool parameters Parameter Keyword Description
Create a new XAuth pool
Modify the xauthpool type
Attach the xauthpool entity to the vpnserver entity
Modify the vpnserver parameters Example
Delete an xauthpool entity
XAuth User parameters
Create a new XAuth user
Set or modify the password of an XAuth user
Delete an xauthuser entity
Default Peer Concept
PPP
Example IPSec connection, applying the default peer concept
Advanced Features SpeedTouch 1 IPSec peer configuration
One Peer Multiple Connections
Peer
Possible values Default value
Option Keyword Description
Dpdidleperiod Unit Default value
Dpdxmits Default value
Dpdtimeout Unit Default value
Inactivity Unit Default value
List all Peer Options lists
Create a Peer Options list
Set or modify the Peer Option list parameters
Delete a Peer Options list
Routed
IPSec routing mode
Virtualif Possible values
Forcedf Possible values Default value
Minmtu Unit Default value
Addroute Possible values Default value
Don’t Fragment bit forcedf
List all Connection Options lists
Create a Connection Options list
Set or modify the Connection Option list parameters
Delete an Options list
Advanced Connection
Local match localmatch
Keyword Followed by a Network name
Remote match remotematch