Chapter 2
SpeedTouch™ IPSec terminology
2.6 Network descriptor
What is ... The concept of Network Descriptors is introduced for the first time in the SpeedTouch™ R5.3. Not only the classical idea of an IP network or subnet is comprised in this concept, but also the protocol and port number of the messages can be specified, such that access to the VPN can be restricted to certain hosts, protocols and port numbers.
Both the origin and destination traffic policies are expressed by referring to a
Network Descriptor. To this end, a symbolic name is attributed to a Network
Descriptor.
The definition of relevant Network Descriptors is linked with the topology of the VPN that is constructed with the IPSec configuration. The Network Descriptors determine the type of messages that will trigger the IPSec module.
21 | |
|
