158 IPsec VPN configuration
3
4
5
6
Table 83
Variable definitions
Variable
tunnel
transport
Enabling the dynamic IPsec policy
Enable the dynamic IPsec policy.
Step
1
2
3
4
Copyright © 2007, Nortel Networks
.
To specify configuration of dynamic IKE policies for remote access,
enter:
dynamic
To specify the remote access IPsec policy to configure, enter:
ipsec policy <name> {modecfg-group | l2tp-group}
To specify the IPsec proposal template to configure, enter:
proposal <1-5>
To configure the encapsulation mode, enter:
mode {transport | tunnel}
Value
Specifies tunnel mode. In tunnel mode the IP header
of the packet is encapsulated into a new IP header
with a routable destination IP address. Protection is
offered for the complete packet. This is the default
mode.
Specifies transport mode. In transport mode, the old
IP address is retained and the hash (in case of AH)
is generated over the payload and delivered to the
peer. The protection is offered only for the pay load.
Action
To enter the configuration mode, enter:
configure terminal
To specify crypto configuration for IPsec and IKE, enter:
crypto
To specify configuration of dynamic IKE policies for remote access,
enter:
dynamic
To specify the remote access IPsec policy to configure, enter:
Nortel Secure Router 4134
Security — Configuration and Management
NN47263-600 01.02 Standard
10.0 3 August 2007
—End—