IP
T
I
SEC
UNNEL
Refer to the following sections for configuring IPsec tunnel interface:
•
"IPsec Tunnel Interface Configuration Commands"
•
"IPsec VPN Configuration Flow"
•
"IPsec Configuration Commands"
•
"IPsec VPN Show Commands"
IP
T
I
SEC
UNNEL
NTERFACE
The following are the steps to configure IPsec tunnel interface on the OA-700:
Step 1: Following IPsec VPN configuration is pre-requisite for IPsec tunnel
configuration. These are mandatory for IPsec tunnel functioning.
The configurations for all these parameters (preshared key/X.509
certificates, IKE policy, Transform Set) are already given in the earlier
sections of the document; hence it is not repeated in this section. Use the
links to see the specific commands.
•
Configure a preshared key using. See
Key"
Note:
While configuring preshared key for IPsec Tunnel interface, the peer address should
be the destination IP address configured on the tunnel interface.
OR
Configure X.509 certificates. See
Certificates"
•
Configure IKE policy. See
•
Configure a Transform Set. See
Step 2: Configure IPsec Profile. See
Profile related commands.
Step 3: Enter Interface Configuration Mode
CLI Configuration Guide
Beta
C
NTERFACE
ONFIGURATION
C
ONFIGURATION
"To Configure an IKE Policy"
ALU(config)# interface <name>
Example:
ALU(config)# interface GigabitEthernet7/0
ALU(config-if GigabitEthernet7/0)#
Alcatel-Lucent
Except on the first page, right running head:
Heading1 or Heading1NewPage text (automatic)
IPsec Tunnel Interface Configuration
S
TEPS
"IPsec Configuration with Preshared
"IPsec Configuration with X.509
"To Configure Transform-set in IPsec"
"To Configure IPsec
Profile". And, configure
805
Beta