A.4.6
IPSec Parameters
The Internet Protocol security (IPSec) parameters are described in the table below.
Parameter
IPSec Parameters
Web: Enable IP Security
EMS: IPSec Enable
[EnableIPSec]
Web: IP Security Associations Table
EMS: IPSec SA Table
[IPSecSATable]
Web: IP Security Proposal Table
EMS: IPSec Proposal Table
[IPSecProposalTable]
SIP User's Manual
Table A-24: IPSec Parameters
Enables IPSec on the device.
[0] Disable (default)
[1] Enable
Note: For this parameter to take effect, a device reset is required.
This parameter table defines the IPSec SA table. This table allows you to
configure the Internet Key Exchange (IKE) and IP Security (IPSec)
protocols. You can define up to 20 IPSec peers.
The format of this parameter is as follows:
[ IPsecSATable ]
FORMAT IPsecSATable_Index =
IPsecSATable_RemoteEndpointAddressOrName,
IPsecSATable_AuthenticationMethod, IPsecSATable_SharedKey,
IPsecSATable_SourcePort, IPsecSATable_DestPort,
IPsecSATable_Protocol, IPsecSATable_Phase1SaLifetimeInSec,
IPsecSATable_Phase2SaLifetimeInSec,
IPsecSATable_Phase2SaLifetimeInKB, IPsecSATable_DPDmode,
IPsecSATable_IPsecMode, IPsecSATable_RemoteTunnelAddress,
IPsecSATable_RemoteSubnetIPAddress,
IPsecSATable_RemoteSubnetPrefixLength,
IPsecSATable_InterfaceName;
[ \IPsecSATable ]
For example:
IPsecSATable 1 = 0, 10.3.2.73, 0, 123456789, 0, 0, 0, 0, 28800, 3600, ;
In the above example, a single IPSec/IKE peer (10.3.2.73) is configured.
Pre-shared key authentication is selected, with the pre-shared key set to
123456789. In addition, a lifetime of 28800 seconds is selected for IKE
and a lifetime of 3600 seconds is selected for IPSec.
Notes:
Each row in the table refers to a different IP destination.
To support more than one Encryption/Authentication proposal, for
each proposal specify the relevant parameters in the Format line.
The proposal list must be contiguous.
For a detailed description of this table and to configure the table using
the Web interface, see 'Configuring IP Security Associations Table' on
page 137.
For configuring ini file table parameters, see 'Configuring ini File Table
Parameters' on page 84.
This parameter table defines up to four IKE proposal settings, where each
proposal defines an encryption algorithm, an authentication algorithm,
and a Diffie-Hellman group identifier.
576
Mediant 600 & Mediant 1000
Description
Document #: LTRT-83310