Manuals / Nortel Networks / Computer Equipment / Network Card

Nortel Networks 608(WL), 620 manual

Models: 620 608(WL)

1 222

Download 222 pages 37.22 Kb

<>

Configuration via Local Pages Auxiliary Commands Default Peer Concept Peer Phase Authorization Password Inactivity Timeout Advanced Features Switch to the Aggressive Mode Encapsulation mode Keyword

Page 221

Page 220 Page 222

Image 221

Nortel Networks 608(WL), 620 manual

Page 220 Page 222

Related manuals

Manual 222 pages 37.22 Kb

Related pages Trouble Shooting Guide for Napoleon Fireplaces BGD40-P Specifications for Desa RCLP50VA When installing for Lenovo E10 FAQs, etc for Panasonic TC-P50G25 Install the Ptpublisher Client Software for Primera Technology DP-XRn Parts List for Trion SE800E Manufacturer code list for JVC LV42740-001A Fault Code F1 for Fisher & Paykel DS602 FEATURES for Sylvania SSV6001 Option SI performance 3-phased for Studer Innotec SI SERIES

Contents

SpeedTouch608WL/620 Page SpeedTouch 608WL/620 Document Information CopyrightTrademarks Contents Configuration via the Command Line Interface Troubleshooting SpeedTouch IPSec 161 Advanced Features Advanced Connection 213 Contents Terminology Documentation and software updates About this IPSec Configuration GuideAbout this IPSec Configuration Guide Topic IPSec Concept for secure IP connectionsIPSec Concepts Authentication Header Encapsulated Security PayloadSecurity Associations Tunnel Mode Chapter SpeedTouch IPSec terminology Policy Security Descriptor Authentication Attribute Peer Phase Connection Phase Network descriptor Chapter Configuration via Local Pages Topic Network 10.0.0.0/24 Network 20.0.0.0/24 LAN to LAN ApplicationRemote Gateway Address Unknown Remote Gateway Address KnownRemote Gateway Address Known Click IKE Exchange Mode Inactivity Timeout Default valueInactivity Timeout Primary Untrusted Physical InterfaceLayout with additional Descriptors IKE Security DescriptorsParameter Value for AESMD5 Shared key AuthenticationLayout for pre Identity type Keyword Examples IKE Authentication with Preshared KeyExample of a completed Click Remote Gateway Address Unknown Gateway Address Unknown Switch to the Aggressive ModeInactivity Timeout Default value IKE Security Descriptors Layout for pre IKE Authentication with Preshared Key Advanced Peers Security Descriptors Confirm the IKE Authentication , IKESecurity Descriptors and Miscellaneous Inactivity Timeout Default value Chapter John.doe@corporate.net Identification InterfaceExample of a completed Click Connections Network IP field Type Valid network types are Keyword ExamplesProtocol Value for AESMD5TUN ParameterStarting and stopping a connection VPN Client Click Server IP Address or Backup Server IP Address or Fqdn IKE Security DescriptorAdvanced Connections Security Descriptors Select WhenChapter Preshared Secret Manual Dialup Automatic Start Set of Server Vendor specific parameters Local LAN IP range ExamplesMethod 2 Manual Start Starting the VPN Client ConnectionMethod 1 Automatic Start Client Identification parameter is Server Vendor specific Dialling VPN Client ConnectChapter Closing a Connection VPN Server VPN Server Click Parameter Value for AESMD5 Example DESMD5TUN Layout with additional Descriptors IPSec SecurityInactivity Timeout Default value Netmask Virtual IP RangePush IP Domain nameIdentity type Keyword Examples @corporate.net Remote ID Filter Type and Remote ID FilterClick Add User Certificates Chapter Advanced VPN Menu Advanced Peers sub-pages See Connection Profiles Peer Profiles Remote ID type Keyword Examples Local ID type Keyword ExamplesChapter Chapter Parameter Possible values Description AuthenticationParameter Description Peer DescriptorsDescriptors page layout Parameter table Valid key lengths bits AlgorithmHashing algorithm Diffie-Hellman group Number of bits KeywordOptions Peer OptionsLayout Peer ProfileVPN-Client Authentication XAuth on page 176 and followingChapter VPN-Server Chapter Chap PasswordVPN-Server-XAuth Connection Profiles Keyword allocatedvirtualip Keyword retrievefromserverChapter Type of network and IP address What is a Network Descriptor? How is it used?Networks Chapter Descriptors page layout Connection DescriptorsPFS Algorithm Valid key lengths bitsKilobytes 30 = 1 073 741 Connection Profile Connection OptionsClient Configuration via the Command Line Interface What do we want to do? How do we configure it SpeedTouch? Basic IPSec configuration procedure103 Peer Authentication Attribute Authentication Attribute Parameters List all Authentication Attributes Create a New Authentication Attribute Secret1 Set or Modify the Authentication Attribute ParametersDelete an Authentication attribute Peer Security Descriptor Parameter Keyword Description Peer Security Descriptor ParametersCryptographic function crypto Algorithm Valid key sizes Popular sizes Default size Bits113 List all Peer Security Descriptors Create a New Peer Security Descriptor Name = peerdes1 Set or Modify the Peer Descriptor ParametersDelete a Peer Descriptor Result of this operation is verified with the list commandPeer Peer parameters Parameter Keyword Description Peer parametersExchange mode Keyword Valid values Corporate.net Remote Identifier remoteid122 Dialuppppoe List all peer entitiesCreate a new peer entity Set or modify the peer parameters Use the list command to verify the results of the operationDelete a Peer entity Connection Security Descriptor Connection Security Descriptor parameters 129 Encapsulation mode Keyword Ipsec=connection List all Connection Security DescriptorsCreate a new Connection Security Descriptor Name = cnctdes1 Set the Connection Security Descriptor ParametersDelete a Connection Security Descriptor 135 Type Valid network types Keyword Examples Are Network Descriptor Parameters137 Create a New Network Descriptor Net1 Set the Network Descriptor ParametersDelete a Network Descriptor Connection Connection parameters Parameter Keyword Description Connection ParametersLocal network localnetwork Remote network remotenetwork 144 List all Connections Create a New Connection Name = connect1 Set or Modify the Connection ParametersDelete a Connection Start a Connection Stop a connection Auxiliary Commands Control of general VPN settings Config CommandWhat is it used for Display the VPN configuration settings AutoProxyARP When do I need ProxyARP An example of Auto ProxyARP Flush Command Clear Command Group Ipsec clear command group Organisation of the IPSec Command GroupIpsec command group See Ipsec debug command group Ipsec connection command groupIpsec peer command group Ipsec show command group Troubleshooting SpeedTouch IPSec Security Association should be active Via the Debug Web pagesBrowse again to Expert mode VPN Debug Logging How to monitor the IPSec negotiationsBrowse to Expert mode VPN Debug Logging 164 Show command group Via the CLI Show command group166 Via the CLI Debug command group 168 Severity Contents Debugging via Snmp Via SnmpPinging from the SpeedTouch to the remote private network Ping command Adapting the routing table172 Advanced Features IPSec and the Stateful Inspection Firewall Web Browsing Interception and surfing through a tunnel Surfing through the VPN tunnelHow does it work Extended Authentication XAuth177 VPN Client parameters Parameter Keyword Description VPN Client parametersIpsec= Ipsec=peer Create a new vpnclientSet or modify the vpnclient parameters Modify the peer parameters Example Attach the vpnclient entity to the peer entity182 VPN Server parameters Parameter Keyword Description VPN Server parametersPuship Possible values Description Default value Create a new VPN server Set or modify the vpnserver parameters Attach the vpnserver entity to the peer entity XAuth Users Pool XAuth Pool parameters Parameter Keyword Description XAuth Pool parametersCreate a new XAuth pool Modify the xauthpool type Modify the vpnserver parameters Example Attach the xauthpool entity to the vpnserver entityDelete an xauthpool entity XAuth User parameters Create a new XAuth user Set or modify the password of an XAuth user Delete an xauthuser entity PPP Default Peer ConceptAdvanced Features SpeedTouch 1 IPSec peer configuration Example IPSec connection, applying the default peer conceptPeer One Peer Multiple ConnectionsOption Keyword Description Possible values Default valueDpdxmits Default value Dpdidleperiod Unit Default valueDpdtimeout Unit Default value Inactivity Unit Default valueList all Peer Options lists Create a Peer Options list Set or modify the Peer Option list parameters Delete a Peer Options list Virtualif Possible values IPSec routing modeRouted Minmtu Unit Default value Forcedf Possible values Default valueAddroute Possible values Default value Don’t Fragment bit forcedfList all Connection Options lists Create a Connection Options list Set or modify the Connection Option list parameters Delete an Options list Advanced Connection 214 Keyword Followed by a Network name Local match localmatchRemote match remotematch 216217 218 Page Need more help?