Nortel Networks 608(WL) Manuel D’Utilisation
Chapter 2
SpeedTouch™ IPSec terminology
E-DOC-CTC-20051017-0169 v1.0
19
2.4 Peer (Phase 1)
What is ...
The Peer is a term that refers to the remote Security Gateway to which the IPSec
secure tunnel(s) will be established. In a first phase, an IKE Security Association is
negotiated between the SpeedTouch™ and a remote Security Gateway (peer). In
the configuration of the SpeedTouch™, the Peer bundles all the parameters
required to negotiate an IKE Security Association (Phase 1 SA), such as:
secure tunnel(s) will be established. In a first phase, an IKE Security Association is
negotiated between the SpeedTouch™ and a remote Security Gateway (peer). In
the configuration of the SpeedTouch™, the Peer bundles all the parameters
required to negotiate an IKE Security Association (Phase 1 SA), such as:
Address
The public IP address of the remote IPSec peer. Eventually a backup address
can be defined.
The public IP address of the remote IPSec peer. Eventually a backup address
can be defined.
Local ID
The identity of the local peer, which is presented to the remote peer during the
Phase 1 negotiation. Various identity types are supported, such as: IP address,
Distinguished Name. FQDN, etc.
The identity of the local peer, which is presented to the remote peer during the
Phase 1 negotiation. Various identity types are supported, such as: IP address,
Distinguished Name. FQDN, etc.
Remote ID
Similar to the Local ID, this parameter identifies the remote peer during the
Phase 1 negotiation. Various identity types are supported, such as: IP address,
Distinguished Name. FQDN, etc.
Similar to the Local ID, this parameter identifies the remote peer during the
Phase 1 negotiation. Various identity types are supported, such as: IP address,
Distinguished Name. FQDN, etc.
Authtype
Authentication method used: preshared key or with certificates.
Authentication method used: preshared key or with certificates.
XAuth user and password
Allows for a secondary authentication based on a legacy authentication
system
Allows for a secondary authentication based on a legacy authentication
system
Descriptor
Refers to the Phase 1 security descriptor
Refers to the Phase 1 security descriptor
The complete list of parameters is found in section
and in
the CLI Reference Guide.