Configuring Transform-Sets - Avaya G250 Administration
Media gateway
Hide thumbs
Also See for G250:
- Administration manual (840 pages) ,
- Reference (812 pages) ,
- Administration (720 pages)
Table of Contents
Advertisement
To configure an ISAKMP policy:
1. Use the crypto isakmp policy command, followed by an index number between 1 and
20, to enter the context of an ISAKMP policy list (and to create the list if it does not exist).
G350-001# crypto isakmp policy 1
G350-001(config-isakmp:1)#
2. You can use the following commands to set the parameters of the ISAKMP policy:
Use the description command to assign a description to the ISAKMP policy.
●
Use the encryption command to set the encryption algorithm for the ISAKMP policy.
●
Possible values are des (default), 3des, aes, aes-192 and aes-256.
Use the hash command to set the hash (authentication) algorithm for the ISAKMP policy.
●
Possible values are md5 and sha (default).
Use the group command to set the Diffie-Hellman group for the ISAKMP policy. Possible
●
values are 1 (default), 2, 5 and 14.
Use the lifetime command to set the lifetime of the ISAKMP SA, in seconds. The
●
range of values is 60-86,400 seconds (default is 86,400)
G350-001(config-isakmp:1)# description "lincroft ike"
Done!
G350-001(config-isakmp:1)# encryption des
Done!
G350-001(config-isakmp:1)# hash md5
Done!
G350-001(config-isakmp:1)# group 1
Done!
G350-001(config-isakmp:1)# lifetime 60000
Done!
3. Exit the ISAKMP policy context using the exit command.
G350-001(config-isakmp:1)# exit
G350-001#
Configuring transform-sets
A transform-set defines the IKE phase 2 parameters. It specifies the encryption and
authentication algorithms to be used for, sets a security association lifetime, and specifies
whether PFS is enabled and which DH group it uses. In addition, it specifies the IPSec VPN
mode (tunnel or transport).
Note:
You can define up to 20 transform-sets.
Note:
Configuring a site-to-site IPSec VPN
Issue 1.1 June 2005
369
Advertisement
Table of Contents
