Nortel 4134 用户指南
Configuring remote access IKE policies
137
Table 62
Variable definitions
Variable definitions
Variable
Value
tunnel
Specifies tunnel mode. In tunnel mode the IP header
of the packet is encapsulated into a new IP header
with a routable destination IP address. Protection is
offered for the complete packet. This is the default
mode.
of the packet is encapsulated into a new IP header
with a routable destination IP address. Protection is
offered for the complete packet. This is the default
mode.
transport
Specifies transport mode. In transport mode, the old
IP address is retained and the hash (in case of AH)
is generated over the payload and delivered to the
peer. The protection is offered only for the pay load.
IP address is retained and the hash (in case of AH)
is generated over the payload and delivered to the
peer. The protection is offered only for the pay load.
Configuring remote access IKE policies
Creating an IKE policy for remote access VPN
Create a dynamic IKE policy for remote access VPN.
Procedure steps
Step
Action
1
To enter the configuration mode, enter:
configure terminal
2
To specify crypto configuration for IPsec and IKE, enter:
crypto
3
To specify configuration of dynamic IKE policies for remote access,
enter:
enter:
dynamic
4
To create a remote access IKE policy, enter:
ike policy <policy-name> {modecfg-group | l2tp-group}
—End—
Nortel Secure Router 4134
Security — Configuration and Management
NN47263-600
01.02
Standard
10.0
3 August 2007
Copyright © 2007, Nortel Networks
.