Nortel Networks 608(WL) User Manual
Ipsec configuration guide, Wireless) business dsl router
This manual is related to the following products:
Table of contents
Document Outline
- Contents
- About this IPSec Configuration Guide
- 1 IPSec: Concept for secure IP connections
- 2 SpeedTouch™ IPSec terminology
- 3 Configuration via Local Pages
- Prerequisites
- IPSec Web Pages
- VPN Menu
- In this section
- 3.1 LAN to LAN Application
- Reference network
- Selecting the LAN to LAN application
- Outline of a configuration procedure
- 3.1.1 Remote Gateway Address Known Page
- VPN context
- Initial page
- Buttons
- Remote Gateway
- Miscellaneous
- IKE Security Descriptors
- Page layout with additional Descriptors
- Page layout for pre- shared key authentication
- IKE Authentication with Preshared Key
- Page layout for certificate authentication
- IKE Authentication: Certificate parameters
- Example of a completed page
- Buttons
- 3.1.2 Remote Gateway Address Unknown Page
- VPN context
- Example
- Aggressive Mode initial page
- Aggressive Mode versus Main Mode
- Buttons
- Miscellaneous
- IKE Security Descriptors
- Page layout with additional Descriptors
- Page layout for pre- shared key authentication
- IKE Authentication with Preshared Key
- Page layout for certificate authentication
- IKE Authentication: Certificate parameters
- Main Mode initial page
- Buttons
- IKE Security Descriptors
- Page layout with additional Descriptors
- Miscellaneous
- Page layout for pre- shared key authentication
- IKE Authentication with Preshared Key
- Page layout for certificate authentication
- IKE Authentication: Certificate parameters
- Main mode expanded page
- Identification & Interface
- Example of a completed page
- Buttons
- 3.1.3 Connections Page
- 3.2 VPN Client
- VPN context
- Advantages of the SpeedTouch™ VPN Client
- Selecting the VPN Client application
- Outline of a VPN Client configuration procedure
- 3.2.1 VPN Client Page
- Initial page
- Buttons
- Server IP Address or FQDN
- Backup Server IP Address or FQDN
- IKE Security Descriptor
- IPSec Security Descriptor
- Exchange Mode
- Server Vendor
- Primary Untrusted Physical Interface
- Virtual IP mapping
- Optional Remote network
- Page layout for pre- shared key authentication
- IKE Authentication with Preshared Key
- Page layout for certificate authentication
- IKE Authentication: Certificate parameters
- Starting and stopping a VPN client connection
- Page layout for Automatic Start
- Local LAN IP Range
- Set of Server Vendor specific parameters
- Configuring XAuth
- 3.2.2 Starting the VPN Client Connection
- 3.2.3 Closing a Connection
- 3.3 VPN Server
- VPN context
- Selecting the VPN Server application
- Outline of a VPN server configuration procedure
- 3.3.1 VPN Server Page
- Initial page
- Buttons
- Local Trusted Network
- Page layout with additional Networks
- IKE Security Descriptor
- Page layout with additional Descriptors
- IPSec Security Descriptor
- Page layout with additional Descriptors
- Miscellaneous
- VPN Server settings
- Page layout for pre- shared key authentication
- IKE Authentication with Preshared Key
- Page layout for certificate authentication
- IKE Authentication: Certificate parameters
- Authorized Users List
- 3.4 Certificates
- 3.5 Advanced VPN Menu
- When to use
- Peer Profiles page
- Connection Profiles page
- 3.5.1 Peer Profiles Page
- 3.5.2 Authentication Page
- 3.5.3 Peer Descriptors Page
- 3.5.4 Peer Options Page
- 3.5.5 VPN-Client Page
- 3.5.6 VPN-Server Page
- 3.5.7 VPN-Server-XAuth Page
- 3.5.8 Connection Profiles Page
- 3.5.9 Networks Page
- 3.5.10 Connection Descriptors Page
- 3.5.11 Connection Options Page
- 3.5.12 Client Page
- 4 Configuration via the Command Line Interface
- In this chapter
- Reference network
- 4.1 Basic IPSec configuration procedure
- 4.2 Peer: Authentication Attribute
- 4.3 Peer Security Descriptor
- 4.4 Peer
- What is ...
- How is it used
- In this section
- 4.4.1 Peer parameters
- Parameters table
- Peer name [name]
- Remote Security Gateway identifier [remoteaddr]
- Backup remote Security Gateway Identifier [backupaddr]
- Exchange mode [exchmode]
- Local Identifier [localid]
- Remote Identifier [remoteid]
- Physical Interface [phyif]
- Peer descriptor [descr]
- Authentication Attribute [auth]
- client/server
- options
- 4.4.2 List all peer entities
- 4.4.3 Create a new peer entity
- 4.4.4 Set or modify the peer parameters
- 4.4.5 Delete a Peer entity
- 4.5 Connection Security Descriptor
- 4.6 Network Descriptor
- 4.7 Connection
- 4.8 Auxiliary Commands
- 4.9 Organisation of the IPSec Command Group
- 5 Troubleshooting SpeedTouch™ IPSec
- 6 Advanced Features
- In this section
- 6.1 IPSec and the Stateful Inspection Firewall
- 6.2 Surfing through the VPN tunnel
- 6.3 Extended Authentication (XAuth)
- 6.4 VPN Client
- 6.5 VPN Server
- 6.6 XAuth Users Pool
- Introduction
- 6.6.1 XAuth Pool parameters
- 6.6.2 Create a new XAuth pool
- 6.6.3 Modify the xauthpool type
- 6.6.4 Attach the xauthpool entity to the vpnserver entity
- 6.6.5 Delete an xauthpool entity
- 6.6.6 XAuth User parameters
- 6.6.7 Create a new XAuth user
- 6.6.8 Set or modify the password of an XAuth user
- 6.6.9 Delete an xauthuser entity
- 6.7 The Default Peer Concept
- 6.8 One Peer - Multiple Connections
- 6.9 Peer Options
- 6.10 Connection Options
- 6.11 Advanced Connection
- Need more help?