beautypg.com

Configuring ipsec mobility and persistence, Configuring ipsec mobility – Panasonic 7 User Manual

Page 156

Attention! The text in this document has been recognized automatically. To view the original document, you can use the "Original mode".

background image

156 Chapter 8 Configuring IPSec mobility and persistent mode

Session persistence time should be longer than the roaming time as persistence
starts only after roaming fails. There is no direct relation between persistence and
any other timers on the Nortel VPN Router.

However, the Nortel VPN Client will not enter persistence mode if the previous
log off happened due to a log off message received from the Nortel VPN Router.

This allows you to force a rogue user log off any time even when persistence is on.
The client continues to attempt connections to a list of servers cyclically when the
existing tunnel goes down (due to events such as roaming timeout) for a period
equal to persistence time after the initial login.

Persistent mode will work with no failover list by trying the connection to the

same Nortel VPN Router. The original Nortel VPN Router is included in the list

that the client tries to connect to. If no servers are set in the failover list, the

original Nortel VPN Router is tried persistently.

Configuring IPSec mobility and persistence

IPSec mobility is a licensed feature. Contact your Nortel representative to obtain a

license key. To install the Advanced Routing license key:

1

Go to Admin > License Keys

2

Enter the Advance Routing license.

3

Click on OK.

Configuring IPSec mobility

The IPSec mobility and persistence features are configured at the user/group level.
To configure NAT traversal, see Nortel VPN Router SecurityFirewalls, Filters,

NAT, and QoS . You do not have to enable IPSec mobility and persistence

together. You can use either or both as is suitable for your environment.

To configure IPSec mobility and persistence through the GUI:

1 Go to Profiles > Groups. In the IPSec section, click Configure. The Edit

IPSec window appears as shown in Figure 32 on page 157.

NN46110-500