Lucent Technologies 5800 Series 사용자 설명서

다운로드
페이지 88
Efficient Networks
® 
5800 Series
User Reference Guide
Chapter 3: Additional Features
Efficient Networks
®
Page 3-23
1. IPSec Policy Name:  Enter a logical name for the IPSec policy.  
The name you choose is of no consequence to the other IPSec party.
2. Peer Binding:  Specify the remote IKE peer to which this policy shall 
apply.  This peer must be already defined with the IKE Peer Definition 
screen.
3. IPSec Proposal Bindings:  Specify an IKE IPSec proposal to be used 
with this policy.  The IKE IPSec proposal must be already defined with 
the IKE IPSec Proposal Definition screen.
4. PFS Group:  Select the Perfect Forward Secrecy negotiation and 
Diffie-Hellman group to be used for each rekey.  Perfect Forward 
Secrecy enhances the security of the key exchange.  In the event of a 
key becoming compromised, only the data protected by that 
compromised key becomes vulnerable.  You can choose None, Group 
1 or Group 2.
5. IP Protocol:  Specify a protocol to be used with this policy.  You can 
also enable any protocol to be used by selecting “all”.
6. Source IP Address:  Enter the IP address of the local area network 
that will use this policy.  This will usually be the IP address assigned to 
the network local to your router.
7. Source Subnet Mask:  Enter the subnet mask of the local area 
network that will use this policy.  This will usually be the subnet mask 
assigned to the network local to your router.
8. Destination IP Address:  Enter the IP address of the remote private 
network to which your router will connect using this policy.
9. Destination Subnet Mask:  Enter the subnet mask of the remote 
private network to which your router will connect using this policy.
10. Source Port:  Enter the port that will be the source of TCP/UDP 
traffic under this policy.  You can specify All ports, a port number, or 
an IP application associated with a particular port.  Because port 
numbers are TCP and UDP specific, a port filter is effective only when 
the protocol filter is TCP or UDP (see Step 5: IP Protocol).
11. Destination Port:  Enter the port that will be the destination of TCP/
UDP traffic under this policy.  You can specify All ports, a port 
number, or an IP application associated with a particular port.
12. Click on Save IKE Settings to establish your IKE IPSec policy and 
return to the home screen.