Ipsec net-to-net, Ipsec replay, Ipsec vpn_ipsec – Carrier Access Adit 3000 Series and Multi-Service Router (MSR) Card none User Manual

4-24

Adit 3000 (Rel. 1.6) and MSR Card (Rel 2.0) CLI

Global Configuration Mode

Global Configuration Commands

ipsec net-to-net

Use the ipsec net-to-net command to create a network-to-network connection.

Syntax:

(config)# ipsec net-to-net remote-ip {

address|any} remote-subnet

{ip

address mask mask|any} pre-share secret

Example:

(config)# ipsec net-to-host remote-ip 10.10.1.1 pre-share

mysecret

Supported Platforms:

Adit 3104, Adit 3200, Adit 3500, MSR

ipsec replay

Use the ipsec replay command to enable anti-replay protection. To disable anti-replay protection, see
no ipsec replay command on page 4-41.

Syntax:

(config)# ipsec replay

Example:

(config)# ipsec replay

Supported Platforms:

Adit 3104, Adit 3200, Adit 3500, MSR

ipsec vpn_ipsec

Use the ipsec vpn_ipsec command to allow access to configuration commands for a specific IPSec
connection. See Chapter 14, Configuration - IPSec Mode for commands in this mode. To delete this
interface, see no ipsec vpn_ipsec command on page 4-42.
Note: This connection must be created first. See ipsec net-to-host command on page 4-23 and ipsec net-
to-net command on page 4-24 to create an IPSec connection.

Syntax:

(config)# ipsec vpn_ipsec

connection-id

Example:

(config)# ipsec vpn_ipsec 1

(config-ipsec-1)#

Supported Platforms:

Adit 3104, Adit 3200, Adit 3500, MSR

Field

Definition

remote-ip

address - Enter the remote tunnel endpoint address.
any - Allow any IP address.

remote-subnet

address - Enter an IP address if it is a remote IP.
mask - Enter an IP mask if it is a remote IP.
any - Allow any IP address.

secret

Enter a pre-shared secret string.

Field

Definition

connection-id

Enter the name of a connection.