4 configuration via the command line interface, In this chapter, Reference network – Nortel Networks 608(WL) User Manual


Chapter 4

Configuration via the Command Line Interface

E-DOC-CTC-20051017-0169 v0.1


In this chapter

This chapter describes the basic configuration steps for building an operational
IPSec VPN via the Command Line Interface. First, a reference network is proposed
that serves as the basis for the examples throughout the chapter. Then an outline
of the configuration procedure is presented. The individual steps are described
in detail in the subsequent sections.

Reference network

A simple yet realistic VPN reference set-up is defined, as shown below:

This reference model represents a small network that can be built with off-the-shelf
equipment in a test lab. In addition, a small-scale field trial in a statically configured
network environment can be set up according to this model.

The model represents a network where two site managers are engaged in
connecting their private LANs via a secure tunnel through the Internet. At Site A the
local network 10.0.0.0/24 is connected to the Internet by means of a SpeedTouch™
gateway. At Site B the SpeedTouch™ gateway provides Internet access for the
private network 20.0.0.0/24. An IPSec tunnel is established between both
SpeedTouch™ routers in order to provide secure communication between hosts on
the private networks over the public Internet.

It is assumed that IP connectivity is established between the two Security Gateways
(the local and remote SpeedTouch™). The IP connectivity is based on fixed public IP
addresses at the WAN interfaces of the SpeedTouch™ routers, unless otherwise
noted. Also the respective LAN sections are assumed to use statically configured IP
addresses for all hosts.

Finally, a basic application scenario is established for this reference network. It is
assumed that at both sides of the connection a single host is connected to the
private LAN.

[Figure: reference network. Host 10.0.0.1 on Network 10.0.0.0/24, SpeedTouch A
(LAN 10.0.0.254, WAN 100.100.0.1), Internet, SpeedTouch B (WAN 200.200.0.1,
LAN 20.0.0.254), Network 20.0.0.0/24 with Host 20.0.0.5]
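A pre-flight check of the reference addressing plan, as an added example that is not part of the original manual and is not SpeedTouch code. It flags conditions that break or weaken a LAN-to-LAN tunnel and models which packets a gateway should send into it. The function names and the protect/bypass model are assumptions made for illustration.

```python
import ipaddress as ip

# Addresses copied from the reference network figure on this page.
SITES = {
    "A": {"lan": "10.0.0.0/24", "gw_lan": "10.0.0.254",
          "gw_wan": "100.100.0.1", "host": "10.0.0.1"},
    "B": {"lan": "20.0.0.0/24", "gw_lan": "20.0.0.254",
          "gw_wan": "200.200.0.1", "host": "20.0.0.5"},
}
RFC1918 = [ip.ip_network(n) for n in
           ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]


def check_plan(sites):
    """Return findings that would break or weaken a LAN-to-LAN tunnel."""
    findings = []
    nets = {name: ip.ip_network(s["lan"]) for name, s in sites.items()}
    for name, s in sites.items():
        for role in ("gw_lan", "host"):
            if ip.ip_address(s[role]) not in nets[name]:
                findings.append(f"{name}: {role} {s[role]} outside {nets[name]}")
        if not any(nets[name].subnet_of(r) for r in RFC1918):
            findings.append(f"{name}: LAN {nets[name]} is not RFC 1918 space")
    names = sorted(nets)
    for i, x in enumerate(names):
        for y in names[i + 1:]:
            if nets[x].overlaps(nets[y]):
                findings.append(f"{x}/{y}: LANs overlap, selectors are ambiguous")
    wans = [s["gw_wan"] for s in sites.values()]
    if len(set(wans)) != len(wans):
        findings.append("gateways share a WAN address")
    return findings


def tunnel_decision(site, src, dst, sites=SITES):
    """'protect' if the gateway at `site` should tunnel src->dst, else 'bypass'."""
    local = ip.ip_network(sites[site]["lan"])
    remotes = [ip.ip_network(s["lan"]) for n, s in sites.items() if n != site]
    s, d = ip.ip_address(src), ip.ip_address(dst)
    if s in local and any(d in r for r in remotes):
        return "protect"
    return "bypass"


if __name__ == "__main__":
    print(check_plan(SITES))
    print(tunnel_decision("A", "10.0.0.1", "20.0.0.5"))
```

On the reference plan the only finding is that 20.0.0.0/24 is not RFC 1918 space. That is harmless in an isolated lab, but in a field trial it should be replaced with a private range so that traffic for real Internet hosts in that block is not captured by the tunnel.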
