Nortel 4134 Guia Do Utilizador
SR4134 configuration for dynamic route exchange over IPsec tunnel interoperability with VPN
Router
253
interface bundle wan1
link t1 1/1
encapsulation ppp
ip address 2.2.2.2 255.255.255.0
crypto untrusted
exit
2
To configure the trusted interface, enter:
interface
ethernet 0/1
ip
address 10.10.44.91 255.255.255.0
crypto trusted
exit
3
To add routes, enter:
ip route 0.0.0.0 0.0.0.0 2.2.2.1 1
4
To configure IKE and IPsec policies, enter:
crypto
ike
policy test 0.0.0.0
remote-id domain-name client.Nortel.com
local-address 2.2.2.2
key testing12345
exit policy
ipsec
policy test 0.0.0.0
match
address 10.10.0.0 255.255.0.0 10.1.1.0
255.255.255.0
exit policy
exit crypto
—End—
SR4134 configuration for dynamic route exchange over IPsec tunnel
interoperability with VPN Router
interoperability with VPN Router
Both Secure Router and VPN router currently support dynamic routing over
IPsec. Secure router configuration for dynamic route exchange over IPsec
Tunnel allows interoperability by using IP-on-IP over a transport mode IPsec
connection.
IPsec. Secure router configuration for dynamic route exchange over IPsec
Tunnel allows interoperability by using IP-on-IP over a transport mode IPsec
connection.
Capabilities
•
IPsec transport mode is used, not tunnel mode
•
For OSPF configurations, the SR4134 default IPIP tunnel MTU needs to
be set to 1500 to match the VPN Router tunnel MTU.
be set to 1500 to match the VPN Router tunnel MTU.
Nortel Secure Router 4134
Security — Configuration and Management
NN47263-600
01.02
Standard
10.0
3 August 2007
Copyright © 2007, Nortel Networks
.