Nortel Networks 608(WL) Manuale Utente
Chapter 4
Configuration via the Command Line Interface
E-DOC-CTC-20051017-0169 v0.1
118
4.4 Peer
What is ...
The Peer is a term that refers to the remote Security Gateway the IPSec secure
tunnel(s) will be connected to. In a first phase, an IKE Security Association is
negotiated between the SpeedTouch™ and a remote Security Gateway (peer). This
IKE SA serves as a signalling channel for subsequent tunnel negotiations.
tunnel(s) will be connected to. In a first phase, an IKE Security Association is
negotiated between the SpeedTouch™ and a remote Security Gateway (peer). This
IKE SA serves as a signalling channel for subsequent tunnel negotiations.
In the configuration of the SpeedTouch™, the Peer bundles all the parameters
required to negotiate an IKE Security Association (Phase 1 SA), such as:
required to negotiate an IKE Security Association (Phase 1 SA), such as:
Address
The public IP address of the remote IPSec peer. Eventually a backup address
can be defined.
The public IP address of the remote IPSec peer. Eventually a backup address
can be defined.
Local ID
The identity of the local peer, which is presented to the remote peer during the
Phase 1 negotiation. Various identity types are supported, such as: IP address,
Distinguished Name. FQDN, etc.
The identity of the local peer, which is presented to the remote peer during the
Phase 1 negotiation. Various identity types are supported, such as: IP address,
Distinguished Name. FQDN, etc.
Remote ID
Similar to the Local ID, this parameter identifies the remote peer during the
Phase 1 negotiation. Various identity types are supported, such as: IP address,
Distinguished Name. FQDN, etc.
Similar to the Local ID, this parameter identifies the remote peer during the
Phase 1 negotiation. Various identity types are supported, such as: IP address,
Distinguished Name. FQDN, etc.
Authtype
Authentication method used: preshared key or with certificates.
Authentication method used: preshared key or with certificates.
XAuth user and password
Allows for a secondary authentication based on a legacy authentication
system
Allows for a secondary authentication based on a legacy authentication
system
Descriptor
Refers to the Phase 1 security descriptor.
Refers to the Phase 1 security descriptor.
The Peer parameters are explained in
How is it used
A Peer can be successfully configured from the moment when a valid
Authentication Attribute and a Peer Security Descriptor are present in the
SpeedTouch™.
Authentication Attribute and a Peer Security Descriptor are present in the
SpeedTouch™.
In this section
The following topics are discussed in this section:
Topic
Page