Nortel 4134 Guia Do Utilizador
Configuring IKE for site-to-site VPN
123
Table 48
Variable definitions
Variable definitions
Variable
Value
<key-string>
Specifies the pre-shared key. Max 49 characters.
Enabling or disabling PFS
Enable or disable Perfect Forward Secrecy (PFS) of both keys and identities
(RFC 2409) for the IKE policy.
(RFC 2409) for the IKE policy.
Procedure steps
Step
Action
1
To enter the configuration mode, enter:
configure terminal
2
To specify crypto configuration for IPsec and IKE, enter:
crypto
3
To specify the IKE policy to configure, enter:
ike policy <policy-name> <peer-address>
4
To enable or disable PFS, enter:
[no] pfs
—End—
Configuring IKE proposal
Configure an IKE proposal for a dynamic ISAKMP SA.
Procedure steps
Step
Action
1
To enter the configuration mode, enter:
configure terminal
2
To specify crypto configuration for IPsec and IKE, enter:
crypto
3
To specify the IKE policy to configure, enter:
ike policy <policy-name> <peer-address>
Nortel Secure Router 4134
Security — Configuration and Management
NN47263-600
01.02
Standard
10.0
3 August 2007
Copyright © 2007, Nortel Networks
.