beautypg.com

Panasonic 8000 User Manual

Page 74

Attention! The text in this document has been recognized automatically. To view the original document, you can use the "Original mode".

background image

Nortel Secure Router 8000 Series
Troubleshooting - VAS__________

2 IPSec and IKE troubleshooting

Item

Sub-item

Description

Configure the peer

The name is a string of 1 to 15 characters.

name

If the local authentication mode is name,
you need to specify the peer name.

Enable NAT

By default, NAT is disabled.

Configuring the
IPSec policy

template

Configure the name of

the IPSec policy
template

The name is a string of 1 to 15 characters.

Policies with the same name are in a
policy group. The name and sequence
number define one policy; each policy
group has a maximum of 100 policies.

Parameters of the IPSec policy template
must be the same as those of IPSec
ISAKMP.

Note that parameters such as proposal and

ike-peer are mandatory while other
parameters are optional.

In IKE negotiation, if the IPSec policy
template is used, all configured parameters
on the two ends must match. If no
parameters are configured for an IPSec
policy template, the parameters of the
IPSec policy are the same as those of the
initiator.

Configure the
sequence number of

the IPSec policy
template

The sequence number of the IPSec policy
template ranges from 1 to 10000.

The lower the sequence number, the
higher the priority.

Configure the

negotiation mode

This is null because you can only use
ISAKMP mode.

Configure the ACL

This can be unspecified.

Configure the IPSec

protocol

The security protocol, algorithm, and
encapsulation type must be the same on
two ends of the tunnel.

Configure the IKE

peer

Configure the IKE peer to the policy.

Configure PFS

For configuration precautions, see the
configuration notes for “Troubleshooting
ISAKMP SA.”

Configuring the
IPSec policies and

using the IPSec
policy template

Configure the name of

the IPSec policy

The name is a string of 1 to 15 characters.

Policies with the same name are in a
policy group. The name and sequence
number define one policy; each policy
group has a maximum of 100 policies.

Issue 01.01 (30 March 2009)

Nortel Networks Inc.

2-27

See also other documents in the category Panasonic Routers: