Ipsec net-to-net, Ipsec replay, Ipsec vpn_ipsec – Carrier Access Adit 3000 Series and Multi-Service Router (MSR) Card none User Manual
Page 150
4-24
Adit 3000 (Rel. 1.6) and MSR Card (Rel 2.0) CLI
Global Configuration Mode
Global Configuration Commands
ipsec net-to-net
Use the ipsec net-to-net command to create a network-to-network connection.
Syntax:
(config)# ipsec net-to-net remote-ip {
address|any} remote-subnet
{ip
address mask mask|any} pre-share secret
Example:
(config)# ipsec net-to-host remote-ip 10.10.1.1 pre-share
mysecret
Supported Platforms:
Adit 3104, Adit 3200, Adit 3500, MSR
ipsec replay
Use the ipsec replay command to enable anti-replay protection. To disable anti-replay protection, see
no ipsec replay command on page 4-41.
Syntax:
(config)# ipsec replay
Example:
(config)# ipsec replay
Supported Platforms:
Adit 3104, Adit 3200, Adit 3500, MSR
ipsec vpn_ipsec
Use the ipsec vpn_ipsec command to allow access to configuration commands for a specific IPSec
connection. See Chapter 14, Configuration - IPSec Mode for commands in this mode. To delete this
interface, see no ipsec vpn_ipsec command on page 4-42.
Note: This connection must be created first. See ipsec net-to-host command on page 4-23 and ipsec net-
to-net command on page 4-24 to create an IPSec connection.
Syntax:
(config)# ipsec vpn_ipsec
connection-id
Example:
(config)# ipsec vpn_ipsec 1
(config-ipsec-1)#
Supported Platforms:
Adit 3104, Adit 3200, Adit 3500, MSR
Field
Definition
remote-ip
address - Enter the remote tunnel endpoint address.
any - Allow any IP address.
remote-subnet
address - Enter an IP address if it is a remote IP.
mask - Enter an IP mask if it is a remote IP.
any - Allow any IP address.
secret
Enter a pre-shared secret string.
Field
Definition
connection-id
Enter the name of a connection.