Nortel 4134 用户指南
Configuring IPsec for site-to-site VPN
129
Configuring IPsec for site-to-site VPN
Creating an IPsec policy
Create an IPsec policy for a dynamic IPsec SA.
Procedure steps
Step
Action
1
To enter the configuration mode, enter:
configure terminal
2
To specify crypto configuration for IPsec and IKE, enter:
crypto
3
To create the IPsec policy, enter:
ipsec policy <policy-name> <peer-gateway-ip>
—End—
Table 55
Variable definitions
Variable definitions
Variable
Value
<policy-name>
IPsec policy name. Max 8 characters.
<peer-gateway-ip>
Peer security gateway IP address.
Configuring anti-replay
Enable or disable anti-replay service on the inbound security association.
The default is disabled.
The default is disabled.
Procedure steps
Step
Action
1
To enter the configuration mode, enter:
configure terminal
2
To specify crypto configuration for IPsec and IKE, enter:
crypto
3
To specify the IPsec policy to configure, enter:
ipsec policy <policy-name> <peer-gateway-ip>
Nortel Secure Router 4134
Security — Configuration and Management
NN47263-600
01.02
Standard
10.0
3 August 2007
Copyright © 2007, Nortel Networks
.