1 basic ipsec configuration procedure, Terminology, Basic ipsec configuration procedure – Nortel Networks 608(WL) User Manual


Chapter 4

Configuration via the Command Line Interface

E-DOC-CTC-20051017-0169 v0.1


4.1 Basic IPSec configuration procedure

Terminology

The SpeedTouch™ uses specific IPSec terms and definitions. The following table
relates these terms to the question to be solved when setting up an IPSec
connection to a remote network.

Setting up a basic IPSec configuration with the SpeedTouch™ involves the creation
of a Peer entity and an IPSec Connection.

A Peer bundles all the parameters related to the IKE Security Association (also
called Phase 1 SA). Some Phase 1 parameters are grouped in peer attributes, which
are referred to by their symbolic name. Two peer attributes are defined:

- the Authentication Attribute refers to the user authentication parameters
  required to set up the IKE Security Association
- the Peer Security Descriptor groups the security parameters of the IKE
  Security Association.

It is required to create some valid peer attributes prior to the creation of an
operational peer.

A Connection bundles all the parameters related to a bi-directional IPSec
connection (consisting of two Phase 2 Security Associations).

- The Phase 2 security parameters are bundled in a Connection Security
  Descriptor.
- A Network Descriptor describes the remote private network that is accessible
  via the IPSec connection.

A valid Connection contains a reference to both descriptors. Therefore some valid
descriptors should be present in the SpeedTouch™ prior to the creation of an
operational peer.

| What do we want to do? | How do we configure it in the SpeedTouch™? |
| --- | --- |
| Define the remote Security Gateway to which we want to set up an IKE session. | Define a Peer. |
| Set how we will authenticate with this remote Security Gateway. | Define an Authentication Attribute. |
| Set what security will be applied to the IKE session. | Define a Peer Security Descriptor. |
| Define the characteristics of the IPSec connection. | Define a Connection. |
| Define which remote private network we want to access. | Define a Network Descriptor. |
| Set what security will be applied to the IPSec connection. | Define a Connection Security Descriptor. |
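The reference rules above can be checked on a planned configuration before anything is typed into the device. The following Python sketch is an added example, not part of the manual and not SpeedTouch™ CLI syntax: the dictionary layout, the field names (`auth`, `descriptor`, `network`) and all object names are assumptions made for illustration. It reports references to attributes or descriptors that are not defined and returns an order in which attributes and descriptors are created before the Peer and Connection that refer to them.

```python
# Added example: the object kinds follow the manual's terminology; the data
# layout, field names and object names are constructed for illustration.

# kind -> {reference field: kind of object that field must point to}
REFERENCES = {
    "auth_attribute": {},
    "peer_security_descriptor": {},
    "connection_security_descriptor": {},
    "network_descriptor": {},
    "peer": {"auth": "auth_attribute",
             "descriptor": "peer_security_descriptor"},
    "connection": {"descriptor": "connection_security_descriptor",
                   "network": "network_descriptor"},
}

def check_plan(plan):
    """Return (creation_order, errors) for a list of planned objects."""
    defined = {(obj["kind"], obj["name"]) for obj in plan}
    errors = []
    for obj in plan:
        label = f"{obj['kind']} '{obj['name']}'"
        if obj["kind"] not in REFERENCES:
            errors.append(f"{label}: unknown object kind")
            continue
        for field, target_kind in REFERENCES[obj["kind"]].items():
            ref = obj.get(field)
            if ref is None:
                errors.append(f"{label}: no {target_kind} referenced")
            elif (target_kind, ref) not in defined:
                errors.append(f"{label}: {target_kind} '{ref}' is not defined")
    # Stable sort: objects without references (attributes, descriptors) first,
    # then the Peer and Connection objects that refer to them.
    ordered = sorted(plan, key=lambda obj: bool(REFERENCES.get(obj["kind"])))
    return [(obj["kind"], obj["name"]) for obj in ordered], errors

# Constructed sample plan: the Connection refers to a Network Descriptor
# ("hq-net") that has not been defined.
PLAN = [
    {"kind": "peer", "name": "hq-gw", "auth": "psk-hq", "descriptor": "ike-strong"},
    {"kind": "auth_attribute", "name": "psk-hq"},
    {"kind": "peer_security_descriptor", "name": "ike-strong"},
    {"kind": "connection", "name": "hq-lan",
     "descriptor": "esp-strong", "network": "hq-net"},
    {"kind": "connection_security_descriptor", "name": "esp-strong"},
]

if __name__ == "__main__":
    order, problems = check_plan(PLAN)
    for kind, name in order:
        print("create", kind, name)
    for problem in problems:
        print("ERROR", problem)
```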
