AudioCodes Mediant 3000 User Manual page 154
Enterprise session border controller / voip digital media gateway
Hide thumbs
Also See for Mediant 3000:
- User manual (1070 pages) ,
- Installation manual (90 pages) ,
- Hardware installation manual (88 pages)
Table of Contents
Advertisement
Parameter Name
Shared Key
[IPsecSATable_SharedK
ey]
Source Port
[IPsecSATable_SourceP
ort]
Destination Port
[IPsecSATable_DestPort]
Protocol
[IPsecSATable_Protocol]
IKE SA Lifetime
[IPsecSATable_Phase1S
aLifetimeInSec]
IPSec SA Lifetime (sec)
[IPsecSATable_Phase2S
aLifetimeInSec]
IPSec SA Lifetime (Kbs)
[IPsecSATable_Phase2S
aLifetimeInKB]
Dead Peer Detection Mode
[IPsecSATable_DPDmod
e]
User's Manual
certificates, see 'Replacing the Device's Certificate' on page 105.
Defines the pre-shared key (in textual format). Both peers must use
the same pre-shared key for the authentication process to succeed.
Notes:
This parameter is applicable only if the Authentication Method
parameter is set to pre-shared key.
The pre-shared key forms the basis of IPSec security and
therefore, it should be handled with care (the same as sensitive
passwords). It is not recommended to use the same pre-shared
key for several connections.
Since the ini file is plain text, loading it to the device over a secure
network connection is recommended. Use a secure transport such
as HTTPS, or a direct crossed-cable connection from a
management PC.
After it is configured, the value of the pre-shared key cannot be
retrieved.
Defines the source port to which this configuration applies.
The default is 0 (i.e., any port).
Defines the destination port to which this configuration applies.
The default is 0 (i.e., any port).
Defines the protocol type to which this configuration applies. Standard
IP protocol numbers, as defined by the Internet Assigned Numbers
Authority (IANA) should be used, for example:
0 = Any protocol (default)
17 = UDP
6 = TCP
Defines the duration (in seconds) for which the negotiated IKE SA
(Main mode) is valid. After this time expires, the SA is re-negotiated.
The default is 0 (i.e., unlimited).
Note: Main mode negotiation is a processor-intensive operation; for
best performance, do not set this parameter to less than 28,800 (i.e.,
eight hours).
Defines the duration (in seconds) for which the negotiated IPSec SA
(Quick mode) is valid. After this time expires, the SA is re-negotiated.
The default is 0 (i.e., unlimited).
Note: For best performance, a value of 3,600 (i.e., one hour) or more
is recommended.
Defines the maximum volume of traffic (in kilobytes) for which the
negotiated IPSec SA (Quick mode) is valid. After this specified
volume is reached, the SA is re-negotiated.
The default is 0 (i.e., the value is ignored).
Defines dead peer detection (DPD), according to RFC 3706.
[0] DPD Disabled (default)
[1] DPD Periodic = DPD is enabled with message exchanges at
regular intervals
[2] DPD on demand = DPD is enabled with on-demand checks -
message exchanges as needed (i.e., before sending data to the
peer). If the liveliness of the peer is questionable, the device sends
154
Description
Document #: LTRT-89729
Mediant 3000
Advertisement
Table of Contents
Troubleshooting
