3com 3031 Instruccion De Instalación
![3com](https://files.manualsbrain.com/attachments/960452ff43b9899cbcffced60c87abf956e7967a/common/fit/150/50/f6ac125d7af2cf40fec58935fa6d4bf71457a57efe50bee91208a434f325/brand_logo.jpeg)
860
C
HAPTER
61: IKE C
ONFIGURATION
Specifing ID of the remote security GW
Perform the following in the IKE-peer View.
The ID specified by this command should be the same ID specified using the
ike
local-name
command on the remote security GW.
Configuring IP addresses of the local and remote security GWs
If the initiator uses GW name in IKE negotiation (that is,
id-type name
is used),
the peer must configure the
remote-name
command. In addition, the name
configured using this command should be consistent with the name configured
using the
using the
ike local-name
command.
Perform the following in the IKE-peer View.
You do not need to use these commands unless the ID type in IKE negotiation is
set to IP address.
set to IP address.
Generally speaking, you do not need to configure the
local-address
command
unless you want to specify a special address for the local GW (such as the address
of loopback interface).
of loopback interface).
The
ip-address
configured using this command should be consistent with the IP
address of the GW configured on the remote security GW.
Configuring NAT traversal
The NAT traversal function must be configured so long as there is a NAT IPSec
device on the VPN tunnel constructed using IPSec/IKE.
device on the VPN tunnel constructed using IPSec/IKE.
Perform the following in the IKE-peer View.
To save IP address space, ISPs often add NAT gateways to public networks, so as to
allocate private IP addresses to users. This may lead to IPSec/IKE tunnel having
both public network address and private network address at both ends. Hence you
allocate private IP addresses to users. This may lead to IPSec/IKE tunnel having
both public network address and private network address at both ends. Hence you
Table 936 Specifying ID of the remote security GW
Operation
Command
Specify a remote security GW
remote-name name
Remove ID of the remote security GW
undo remote-name
Table 937 Configuring IP address of security GWs
Operation
Command
Configure IP address of the local security GW
local-address ip-address
Delete the IP address of the local security GW
undo local-address
Configure IP address of the remote security GW
remote-address ip-address
Delete the IP address of the remote security GW
undo remote-address
Table 938 Configuring the NAT traversal function of IPSec/IKE
Operation
Command
Enable the NAT traversal function of IPSec/IKE
nat traversal
Disable the NAT traversal function of IPSec/IKE
undo nat traversal