Nortel 4134 Guia Do Utilizador
240
Configuration examples
ike policy ike1 205.1.1.14
local_address 205.1.1.18
key certificatekey1
pop
4
To configure the IPsec policy, enter:
crypto
ipsec policy ipsec1 205.1.1.14
match address 20.1.2.0 24 10.1.2.0 24
enable
exit
5
To configure the internet firewall:
firewall internet
interface wan2
policy 100 in self service ike
policy 102 in self protocol icmp
policy 102 in self protocol icmp
is optional. It can be
helpful for debugging, but is not a necessary configuration.
6
To configure the corp firewall:
interface ethernet0/2
policy 101 in address 10.1.2.0 24 any any
—End—
Configuring a trust point for PKI
To configure a trust point for PKI, perform the following steps.
Step
Action
1
To enter the configuration mode, enter:
configure terminal
2
To specify crypto configuration, enter:
crypto
3
To configure the trustpoint, enter:
ca
trustpoint sr4134
enrollment url http://certsrv.nortel.com/certsrv.dll
subject-name “cn=srsubName,o=nortel”
ip-address 192.168.118.33
fqdn sr4134.nortel.com
email sr4134@nortel.com
Nortel Secure Router 4134
Security — Configuration and Management
NN47263-600
01.02
Standard
10.0
3 August 2007
Copyright © 2007, Nortel Networks
.