Nortel Networks 608(WL), 620 manual
Models: 620, 608(WL)
222 pages
37.22 Kb
Contents
SpeedTouch 608WL/620
Document Information
Copyright
Trademarks
Configuration via the Command Line Interface
Troubleshooting SpeedTouch IPSec 161
Advanced Features
Advanced Connection 213
Terminology Documentation and software updates
About this IPSec Configuration Guide
Topic
IPSec Concept for secure IP connections
IPSec Concepts
Authentication Header Encapsulated Security Payload
Security Associations Tunnel Mode
Chapter
SpeedTouch IPSec terminology
Policy
Security Descriptor
Authentication Attribute
Peer Phase
Connection Phase
Network descriptor
Configuration via Local Pages
Topic
Network 10.0.0.0/24 Network 20.0.0.0/24
LAN to LAN Application
Remote Gateway Address Unknown
Remote Gateway Address Known
Click
IKE Exchange Mode
Inactivity Timeout Default value
Inactivity Timeout
Primary Untrusted Physical Interface
Layout with additional Descriptors
IKE Security Descriptors
Parameter Value for AESMD5
Shared key
Authentication
Layout for pre
Identity type Keyword Examples
IKE Authentication with Preshared Key
Example of a completed
Click
Remote Gateway Address Unknown
Gateway Address Unknown
Switch to the Aggressive Mode
Inactivity Timeout Default value
IKE Security Descriptors
Layout for pre
IKE Authentication with Preshared Key
Advanced Peers Security Descriptors
Confirm the IKE Authentication , IKE
Security Descriptors and Miscellaneous
Inactivity Timeout Default value
John.doe@corporate.net
Identification Interface
Example of a completed
Click
Connections
Network IP field
Type Valid network types are Keyword Examples
Protocol
Value for AESMD5TUN
Parameter
Starting and stopping a connection
VPN Client
Click
Server IP Address or
Backup Server IP Address or Fqdn IKE Security Descriptor
Advanced Connections Security Descriptors
Select When
Preshared Secret
Manual Dialup Automatic Start
Set of Server Vendor specific parameters
Local LAN IP range Examples
Method 2 Manual Start
Starting the VPN Client Connection
Method 1 Automatic Start
Client Identification parameter is Server Vendor specific
Dialling VPN Client Connect
Closing a Connection
VPN Server
Click
Parameter Value for AESMD5
Example DESMD5TUN
Layout with additional Descriptors IPSec Security
Inactivity Timeout Default value
Netmask
Virtual IP Range
Push IP
Domain name
Identity type Keyword Examples
@corporate.net
Remote ID Filter Type and Remote ID Filter
Click Add User
Certificates
Advanced VPN Menu
Advanced Peers sub-pages See
Connection Profiles
Peer Profiles
Remote ID type Keyword Examples
Local ID type Keyword Examples
Parameter Possible values Description
Authentication
Parameter Description
Peer Descriptors
Descriptors page layout Parameter table
Valid key lengths bits
Algorithm
Hashing algorithm
Diffie-Hellman group Number of bits Keyword
Options
Peer Options
Layout
Peer Profile
VPN-Client
Authentication XAuth on page 176 and following
VPN-Server
Chap
Password
VPN-Server-XAuth
Connection Profiles
Keyword allocatedvirtualip
Keyword retrievefromserver
Type of network and IP address
What is a Network Descriptor? How is it used?
Networks
Descriptors page layout
Connection Descriptors
PFS
Algorithm Valid key lengths bits
Kilobytes 30 = 1 073 741
Connection Profile
Connection Options
Client
Configuration via the Command Line Interface
What do we want to do? How do we configure it SpeedTouch?
Basic IPSec configuration procedure
Peer Authentication Attribute
Authentication Attribute Parameters
List all Authentication Attributes
Create a New Authentication Attribute
Secret1
Set or Modify the Authentication Attribute Parameters
Delete an Authentication attribute
Peer Security Descriptor
Parameter Keyword Description
Peer Security Descriptor Parameters
Cryptographic function crypto
Algorithm Valid key sizes Popular sizes Default size Bits
List all Peer Security Descriptors
Create a New Peer Security Descriptor
Name = peerdes1
Set or Modify the Peer Descriptor Parameters
Delete a Peer Descriptor
Result of this operation is verified with the list command
Peer
Peer parameters Parameter Keyword Description
Peer parameters
Exchange mode Keyword Valid values
Corporate.net
Remote Identifier remoteid
Dialuppppoe
List all peer entities
Create a new peer entity
Set or modify the peer parameters
Use the list command to verify the results of the operation
Delete a Peer entity
Connection Security Descriptor
Connection Security Descriptor parameters
Encapsulation mode Keyword
Ipsec=connection
List all Connection Security Descriptors
Create a new Connection Security Descriptor
Name = cnctdes1
Set the Connection Security Descriptor Parameters
Delete a Connection Security Descriptor
Type Valid network types Keyword Examples Are
Network Descriptor Parameters
Create a New Network Descriptor
Net1
Set the Network Descriptor Parameters
Delete a Network Descriptor
Connection
Connection parameters Parameter Keyword Description
Connection Parameters
Local network localnetwork Remote network remotenetwork
List all Connections
Create a New Connection
Name = connect1
Set or Modify the Connection Parameters
Delete a Connection
Start a Connection
Stop a connection
Auxiliary Commands
Control of general VPN settings
Config Command
What is it used for Display the VPN configuration settings
AutoProxyARP When do I need ProxyARP
An example of Auto ProxyARP
Flush Command
Clear Command Group
Ipsec clear command group
Organisation of the IPSec Command Group
Ipsec command group See
Ipsec debug command group
Ipsec connection command group
Ipsec peer command group
Ipsec show command group
Troubleshooting SpeedTouch IPSec
Security Association should be active
Via the Debug Web pages
Browse again to Expert mode VPN Debug Logging
How to monitor the IPSec negotiations
Browse to Expert mode VPN Debug Logging
Show command group
Via the CLI Show command group
Via the CLI Debug command group
Severity Contents
Debugging via Snmp
Via Snmp
Pinging from the SpeedTouch to the remote private network
Ping command Adapting the routing table
Advanced Features
IPSec and the Stateful Inspection Firewall
Web Browsing Interception and surfing through a tunnel
Surfing through the VPN tunnel
How does it work
Extended Authentication XAuth
VPN Client parameters Parameter Keyword Description
VPN Client parameters
Ipsec= Ipsec=peer
Create a new vpnclient
Set or modify the vpnclient parameters
Modify the peer parameters Example
Attach the vpnclient entity to the peer entity
VPN Server parameters Parameter Keyword Description
VPN Server parameters
Puship Possible values Description Default value
Create a new VPN server
Set or modify the vpnserver parameters
Attach the vpnserver entity to the peer entity
XAuth Users Pool
XAuth Pool parameters Parameter Keyword Description
XAuth Pool parameters
Create a new XAuth pool
Modify the xauthpool type
Modify the vpnserver parameters Example
Attach the xauthpool entity to the vpnserver entity
Delete an xauthpool entity
XAuth User parameters
Create a new XAuth user
Set or modify the password of an XAuth user
Delete an xauthuser entity
PPP
Default Peer Concept
Advanced Features SpeedTouch 1 IPSec peer configuration
Example IPSec connection, applying the default peer concept
Peer
One Peer Multiple Connections
Option Keyword Description
Possible values Default value
Dpdxmits Default value
Dpdidleperiod Unit Default value
Dpdtimeout Unit Default value
Inactivity Unit Default value
List all Peer Options lists
Create a Peer Options list
Set or modify the Peer Option list parameters
Delete a Peer Options list
Virtualif Possible values
IPSec routing mode
Routed
Minmtu Unit Default value
Forcedf Possible values Default value
Addroute Possible values Default value
Don’t Fragment bit forcedf
List all Connection Options lists
Create a Connection Options list
Set or modify the Connection Option list parameters
Delete an Options list
Advanced Connection
Keyword Followed by a Network name
Local match localmatch
Remote match remotematch