Nortel 4134 用户指南
122
IPsec VPN configuration
ike policy <policy-name> <peer-address>
4
To configure the IKE exchange type, enter:
exchange-type {initiator-only | responder-only | both}
—End—
Table 47
Variable definitions
Variable definitions
Variable
Value
initiator-only
Specifies that the policy cannot respond to IKE
negotiations initiated by another party. This type
is not supported if the IKE policy is configured for
main mode and Preshared Key is configured as the
authentication mode.
negotiations initiated by another party. This type
is not supported if the IKE policy is configured for
main mode and Preshared Key is configured as the
authentication mode.
responder-only
Specifies that the policy cannot initiate IKE to any
other part, but responds to the IKE initiated by
others.
other part, but responds to the IKE initiated by
others.
both
Specifies that the policy can initiate IKE to the other
party and also respond to IKE negotiations initiated
by another.
This is the default setting.
party and also respond to IKE negotiations initiated
by another.
This is the default setting.
Configuring the pre-shared key for IKE
Define a pre-shared key for the IKE policy. The key is valid only when the
proposal configured has the authentication method as pre-shared-key.
proposal configured has the authentication method as pre-shared-key.
Procedure steps
Step
Action
1
To enter the configuration mode, enter:
configure terminal
2
To specify crypto configuration for IPsec and IKE, enter:
crypto
3
To specify the IKE policy to configure, enter:
ike policy <policy-name> <peer-address>
4
To configure the IKE key, enter:
key <key-string>
—End—
Nortel Secure Router 4134
Security — Configuration and Management
NN47263-600
01.02
Standard
10.0
3 August 2007
Copyright © 2007, Nortel Networks
.