Table 13 Ipsec Command Options - Nortel BayStack 100-S Reference

You can specify to use as many of the three encryption types or as many of the
three authorization types as you like. You can also specify the order in which you
would like these encryption or authorization types used.
Table 13 describes the

Table 13 ipsec command options

Option
name
key
mode
destination
local
Reference for the BayStack Instant Internet Remote Access Commands Version 7.11
Chapter 2 Using configuration commands
command options.
ipsec
Definition
Sets an arbitrary name that is assigned to a tunnel. Settings are
established for only the tunnel named.
This text field is a pre-shared key. If the key begins with 0x, it will be
considered a hexadecimal key. Otherwise, it will be a text key.
Turns aggressive mode on and off.
(default: main)
- Establish a secure, authenticated channel for
main
communicating between peers.
- Establish a channel for communicating between
aggressive
peers using the user name and password for authentication.
When ipsec is using the aggressive mode, the following
parameters are optional: local subnet (as initiator), destination,
and remote subnet (as responder).
Sets the endpoint of a tunnel. Specifies the IP address or a fully
qualified domain name (FQDN) that the connection will be
established with. If a string is specified for address, then that string
is "remembered" and a DNS lookup is performed for every attempt
to establish the tunnel. This way, if address is a DDNS host name,
the tunnel interface will automatically adapt to changes in the
destination. It also allows the use of round-robin DNS.
Specifies the subnet(s) that will be directed over the tunnel. For
more details, on how this option is used, refer to Using the
BayStack Instant Internet Management Software Version 7.11.
address - Specifies the IP address you want to be directed
over the tunnel
bits - Specifies the optional subnet mask of the IP address you
want to be directed over the tunnel
45