Nortel 4134 Guia Do Utilizador
Configuring IKE for site-to-site VPN
127
Configuring hash algorithm
Configure the IKE authentication algorithm for a given proposal.
Procedure steps
Step
Action
1
To enter the configuration mode, enter:
configure terminal
2
To specify crypto configuration for IPsec and IKE, enter:
crypto
3
To specify the IKE policy to configure, enter:
ike policy <policy-name> <peer-address>
4
To select the IKE proposal to configure, enter:
proposal <priority>
5
To configure the hash algorithm, enter:
[no] hash-algorithm {md5|sha1}
—End—
Table 53
Variable definitions
Variable definitions
Variable
Value
md5
Specifies a 128-bit message digest (RFC 1321).
sha1
Specifies Secure Hash Standard, a 160-bit message
digest (NIST,FIPS PUB 180-1).
digest (NIST,FIPS PUB 180-1).
[no]
Sets the hash algorithm to the default value (sha1).
Configuring lifetime
Configure the lifetime of the IKE SA. When the SA expires, it is replaced by
a new negotiated SA or terminated.
a new negotiated SA or terminated.
Procedure steps
Step
Action
1
To enter the configuration mode, enter:
configure terminal
2
To specify crypto configuration for IPsec and IKE, enter:
Nortel Secure Router 4134
Security — Configuration and Management
NN47263-600
01.02
Standard
10.0
3 August 2007
Copyright © 2007, Nortel Networks
.