Nortel 4134 Guia Do Utilizador
152
IPsec VPN configuration
Specifying the IP stream on which to apply IPsec for remote access VPN
Specify the IP stream on which to apply IPsec
When this command is entered, a default proposal is created, with the
following properties: priority 1, ESP, 3DES, SHA1, DH-group2, tunnel mode.
following properties: priority 1, ESP, 3DES, SHA1, DH-group2, tunnel mode.
Procedure steps
Step
Action
1
To enter the configuration mode, enter:
configure terminal
2
To specify crypto configuration for IPsec and IKE, enter:
crypto
3
To specify configuration of dynamic IKE policies for remote access,
enter:
enter:
dynamic
4
To specify the remote access IPsec policy to configure, enter:
ipsec policy <name> {modecfg-group | l2tp-group}
5
To configure the matching IP address, enter:
match {address <A.B.C.D> <mask>}
[source-end-ip <A.B.C.D>]
[dest-start-ip <A.B.C.D>]
[dest-netmask <A.B.C.D>]
[dest-end-ip <A.B.C.D>]
[protocol <protocol>]
[sport <0-65535>]
[dport <0-65535>]
—End—
Table 77
Variable definitions
Variable definitions
Variable
Value
[address <A.B.C.D>
<mask>]
<mask>]
source IP address (start address if range is
applicable) in the IP stream to be applied IPsec.
applicable) in the IP stream to be applied IPsec.
[source-end-ip
<A.B.C.D>]
<A.B.C.D>]
source IP address (end address if range is
applicable) in the IP stream to be applied IPsec
applicable) in the IP stream to be applied IPsec
[dest-start-ip
<A.B.C.D>]
<A.B.C.D>]
destination IP address (start address if range is
applicable) in the IP stream to be applied IPsec
applicable) in the IP stream to be applied IPsec
Nortel Secure Router 4134
Security — Configuration and Management
NN47263-600
01.02
Standard
10.0
3 August 2007
Copyright © 2007, Nortel Networks
.