Nortel 4134 Guia Do Utilizador
Configuring IKE for site-to-site VPN
125
Table 50
Variable definitions
Variable definitions
Variable
Value
pre-shared-key
Authentication using a pre-shared key, derived out
of band.
of band.
dss-signature
Authentication using Digital Signature Standard
rsa-signature
Authentication using RSA Signature
Configuring DH group for IKE proposal
Configure the IKE Diffie-Hellman group for key exchange between the
peers. This specifies the type of Diffie-Hellman prime modulus group that
IKE uses for the key exchange.
peers. This specifies the type of Diffie-Hellman prime modulus group that
IKE uses for the key exchange.
Procedure steps
Step
Action
1
To enter the configuration mode, enter:
configure terminal
2
To specify crypto configuration for IPsec and IKE, enter:
crypto
3
To specify the IKE policy to configure, enter:
ike policy <policy-name> <peer-address>
4
To select the IKE proposal to configure, enter:
proposal <priority>
5
To configure DH group for IKE proposal, enter:
dh-group {group1 | group2 | group5}
—End—
Table 51
Variable definitions
Variable definitions
Variable
Value
group1
768-bit. RFC 2409.
Nortel Secure Router 4134
Security — Configuration and Management
NN47263-600
01.02
Standard
10.0
3 August 2007
Copyright © 2007, Nortel Networks
.