Nortel 1010 用户指南
Chapter 6 Configuring branch office tunnels 131
Nortel VPN Router Configuration — Basic Features
Configuring a tunnel connection
To configure a connection:
1
On the Profiles > Branch Office window, select the button next to the
connection name and click on Configure. The Connection Configuration
window appears.
connection name and click on Configure. The Connection Configuration
window appears.
2
Select the Tunnel Type for the connection from the list. The default type is
IPsec. Click the drop-down list and select either IPsec, PPTP, or L2TP.
IPsec. Click the drop-down list and select either IPsec, PPTP, or L2TP.
If you change the tunnel type, the fields in the Authentication portion of this
window change to reflect the different configuration requirements for the
selected tunnel type.
window change to reflect the different configuration requirements for the
selected tunnel type.
3
Select the Connection Type from the list that you want this branch office to
use.
use.
•
Peer to peer connection type is the traditional branch office tunnel, where
either side can initiate traffic.
either side can initiate traffic.
•
Initiator, where with asynchronous branch office tunnels (ABOT), one
side must be configured as the initiator and the other as the responder.
Only the Initiator can bring up the tunnel. When the connection type is set
to initiator, there is no need to define a local endpoint. You should only
configure an IPsec tunnel type. IPsec authentication requires an initiator
ID. Asynchronous branch office tunnels work only on public interfaces.
side must be configured as the initiator and the other as the responder.
Only the Initiator can bring up the tunnel. When the connection type is set
to initiator, there is no need to define a local endpoint. You should only
configure an IPsec tunnel type. IPsec authentication requires an initiator
ID. Asynchronous branch office tunnels work only on public interfaces.
•
Responder, where neither local or remote endpoints are required. You
must configure IPsec authentication to specify the same initiator ID as in
the associated initiator branch office tunnel.
must configure IPsec authentication to specify the same initiator ID as in
the associated initiator branch office tunnel.
4
Click Enable to enable the branch office connection. For security, the Enable
Branch Office Connection selection is automatically disabled when you
attempt to save an incorrect configuration.
Branch Office Connection selection is automatically disabled when you
attempt to save an incorrect configuration.
5
Select the Endpoints for the initiator and responder connection types.
•
For the local endpoint address, click on the list and select the address of
the local Nortel VPN Router (for example, 132.168.2.3).
the local Nortel VPN Router (for example, 132.168.2.3).
•
In the remote endpoint address field, enter the address of the remote
Nortel VPN Router (for example, 132.19.2.30) that you want to form the
opposite end of the branch office connection. For Initiator connection
types, you can enter the DNS host name.
Nortel VPN Router (for example, 132.19.2.30) that you want to form the
opposite end of the branch office connection. For Initiator connection
types, you can enter the DNS host name.