Manualshelf

Router User Manual

ManualsBrandsPanasonic ManualsNetwork Router8000
71727374757677787980
Nortel Secure Router 8000 Series
Troubleshooting - VAS 2 IPSec and IKE troubleshooting
Issue 01.01 (30 March 2009) Nortel Networks Inc. 2-29
Configuring an IPSec proposal
# Configure the name of the IPSec proposal to tran1 and the encapsulation type to transport
mode to save bandwidth. Configure the proposal to use the security protocol ESP, the
algorithm SHA-1, and the encryption algorithm DES.
[RouterA] ipsec proposal tran1
[RouterA-ipsec-proposal-tran1] encapsulation-mode transport
[RouterA-ipsec-proposal-tran1] transform esp
[RouterA-ipsec-proposal-tran1] esp authentication-algorithm sha1
[RouterA-ipsec-proposal-tran1] esp encryption-algorithm des
Configuring an IPSec policy template
# Configure the name of the IPSec policy template to maptemp and the sequence number to
10. The ACL is not required. Apply the configured IPSec proposal to the policy and specify
the IKE peer.
[RouterA] ipsec policy-template maptemp 10
[RouterA-ipsec-policy-templet-maptemp-10] proposal tran1
[RouterA-ipsec-policy-templet-maptemp-10] ike-peer C
Configuring an IPSec policy
# Configure the name of IPSec policy to map1, the sequence number to 100, and the
negotiation mode to ISAKMP, and use the IPSec policy template maptemp.
[RouterA] ipsec policy map1 100 isakmp template maptemp
Applying an IPSec policy group
# Apply the IPSec policy map1 on the GE interface.
[RouterA] interface GigabitEthernet 1/0/1
[RouterA-GigabitEthernet1/0/1] ipsec policy map1