Ipsec Remote Access Mode Configuration Group Method - Avaya 1000 Series Configuration Manual
Secure router
Hide thumbs
Also See for 1000 Series:
- Reference (700 pages) ,
- Manual (570 pages) ,
- Hardware installation and maintenance (262 pages)
Table of Contents
Advertisement
match address 172.16.0.1 32
Router>1/configure/crypto/dynamic/ipsec/policy admin>
proposal 1
Router>1/configure/crypto/dynamic/ipsec/policy
admin/proposal 1> encryption-algorithm aes128-cbc
IPSec Remote Access Mode Configuration Group Method
The following example demonstrates how to configure a Secure Router to be an IPSec VPN
server using mode-configuration method. The client could be any standard mode config
enabled IPSec VPN client.
In this example, the client needs to access the corporate private network 10.0.1.0/24 through
the VPN tunnel. The server has a pool of IP addresses from 20.1.1.100 through 20.1.1.150 to
be allocated for mode config enabled VPN clients. The assigned IP address is used by the
VPN client as the source address in the inner IP header. The outer IP header will carry the
dynamic IP address assigned by the Internet Service Provider as the source address. The
security requirements are as follows:
3DES with SHA1, Mode Config
IPSec ESP tunnel with AES256 and HMAC-SHA1
Avaya Secure Router 1000 Series Configuration Guide
IPSec Remote Access Mode Configuration Group Method
December 2010
237
Advertisement
Table of Contents
Troubleshooting
