Configuring an ipsec proposal, Configuring an ipsec policy template, Configuring an ipsec policy – Panasonic 8000 User Manual

Nortel Secure Router 8000 Series
Troubleshooting - VAS__________

2 IPSec and IKE troubleshooting

Configuring an IPSec proposal

# Configure the name of the IPSec proposal to tran1 and the encapsulation type to transport
mode to save bandwidth. Configure the proposal to use the security protocol ESP, the
algorithm SHA-1, and the encryption algorithm DES.

[RouterA] ipsec proposal trant

[RouterA-ipsec-proposal-t^rani]

[RouterA-ipsec-proposal-t^rani]

[RouterA-ipsec-proposal-t^rani]

[RouterA-ipsec-proposal-t^rani]

encapsulation-mode transport

transform esp

esp authentication-algorithm shat

esp encryption-algorithm des

Configuring an IPSec policy template

# Configure the name of the IPSec policy template to maptemp and the sequence number to

10. The ACL is not required. Apply the configured IPSec proposal to the policy and specify

the IKE peer.

[RouterA] ipsec policy-template maptemp 10

[RouterA-ipsec-policy-templet^-maptemp-iQ] proposal tranl

[RouterA-ipsec-policy-templet^-maptemp-iQ] ike-peer C

Configuring an IPSec policy

# Configure the name of IPSec policy to map1, the sequence number to 100, and the
negotiation mode to ISAKMP, and use the IPSec policy template maptemp.

[RouterA] ipsec policy mapl 100 isakmp template maptemp

Applying an IPSec policy group

# Apply the IPSec policy map1 on the GE interface.

[RouterA] interface GigabitEthernet 1/0/1

[RouterA-Gigabi^tEtherneti/Q/i] ipsec policy map1

Issue 01.01 (30 March 2009)

Nortel Networks Inc.

2-29