Nortel 4134 Guia Do Utilizador
242
Configuration examples
crypto trusted
exit
3
To configure the dynamic IKE policy, enter:
crypto
dynamic
ike policy vpn_client modecfg-group
local-address 205.1.1.14
remote-id email-id “jim@domain.com”
key certificatekey1
4
To specify the address pool reserved for the remote clients, enter:
client configuration
address-pool 1 100.1.1.1 100.1.1.100
pop
5
To configure the dynamic IPsec policy, enter:
crypto
dynamic
ipsec policy to-vpn_client modecfg-group
match address 100.1.1.0 24
enable
exit
6
To configure the internet firewall:
firewall internet
interface wan1
policy 100 in self service ike
policy 101 in self protocol udp port any 4500
policy 200 in self protocol icmp
policy 200 in self protocol icmp
is optional. It can be
helpful for debugging, but is not a necessary configuration.
7
To configure the corp firewall:
interface ethernet0/1
policy 101 in address 100.1.1.1 100.1.1.100 any any
The source address specified here matches the address pool
specified in step 5.
specified in step 5.
—End—
Configuring a remote access VPN with L2TP server
To configure a remote access VPN with L2TP server, perform the following
steps.
steps.
Nortel Secure Router 4134
Security — Configuration and Management
NN47263-600
01.02
Standard
10.0
3 August 2007
Copyright © 2007, Nortel Networks
.