3 create a new connection security descriptor, Add command, Example – Nortel Networks 608(WL) User Manual

Chapter 4

Configuration via the Command Line Interface

E-DOC-CTC-20051017-0169 v0.1

132

4.5.3 Create a new Connection Security Descriptor

add command

A new Connection Security Descriptor is created with the

ipsec connection

descriptor add

command.

Example

In the following example, a new Connection Security Descriptor is created, named
cnctdes1

The result of this operation can be verified with the

list

command.

It is seen that the new descriptor, named “cnctdes1”, has been created.

[ipsec]=>connection
[ipsec connection]=>descriptor
[ipsec connection descriptor]=>add
name = cnctdes1
:ipsec connection descriptor add name=cnctdes1
[ipsec connection descriptor]=>

[ipsec connection descriptor]=>list
[AES_SHA1_TUN] : AES(128) HMAC-SHA1 Lifetime 86400s Tunnel Mode
[AES_MD5_TUN] : AES(128) HMAC-MD5 Lifetime 86400s Tunnel Mode
[AES_SHA1_PFS_TUN] : AES(128) HMAC-SHA1 PFS Lifetime 86400s Tunnel Mode
[AES_MD5_PFS_TUN] : AES(128) HMAC-MD5 PFS Lifetime 86400s Tunnel Mode
[3DES_SHA1_TUN] : 3DES HMAC-SHA1 Lifetime 86400s Tunnel Mode
[3DES_MD5_TUN] : 3DES HMAC-MD5 Lifetime 86400s Tunnel Mode
[3DES_SHA1_PFS_TUN] : 3DES HMAC-SHA1 PFS Lifetime 86400s Tunnel Mode
[3DES_MD5_PFS_TUN] : 3DES HMAC-MD5 PFS Lifetime 86400s Tunnel Mode
[DES_SHA1_TUN] : DES HMAC-SHA1 Lifetime 86400s Tunnel Mode
[DES_MD5_TUN] : DES HMAC-MD5 Lifetime 86400s Tunnel Mode
[AES_SHA1_Adv_TUN] : AES(256) HMAC-SHA1 PFS Lifetime 86400s Tunnel Mode
[3DES_SHA1_Adv_TUN] : 3DES HMAC-SHA1 PFS Lifetime 86400s Tunnel Mode
[NullEnc_SHA1_TUN] : NULL HMAC-SHA1 Lifetime 86400s Tunnel Mode
[cnctdes1] : Tunnel Mode
[ipsec connection descriptor]=>

Thirteen Connection Security Descriptors are pre-defined in the
SpeedTouch™, covering the most common settings. In total, up to 40
Security Descriptors can be defined. This total includes both the

Peer

Security Descriptors and the

Connection

Security Descriptors.