Configuring Crypto-Lists - Avaya G250 Administration
Media gateways
Hide thumbs
Also See for G250:
- Administration manual (840 pages) ,
- Reference (812 pages) ,
- Administration (620 pages)
Table of Contents
Advertisement
Configuring IPSec VPN
6. Specify whether to enable continuous-channel IPSec (IKE phase 2), using the
continuous-channel command. The default setting is no continuous-channel,
which disables continuous-channel IPSec. For more explanations on continuous-channel
see
Enabling continuous channel
G350-001(config-crypto:1)# continuous-channel
Done!
7. Exit crypto map context using the exit command.
G350-001(config-crypto:1)# exit
G350-001#
Configuring crypto-lists
A crypto-list is an ordered list of ip-rules that control which traffic requires IPSec protection and
which does not, based on IP groups (source and destination IP addresses and wildcard). A
crypto-list is activated on an interface. The G250/G350 can have multiple crypto-lists activated
on different interfaces.
!
Important:
It is mandatory to create at least one crypto-list.
Important:
Note:
You can configure up to 100 crypto-lists.
Note:
1. Use the ip crypto-list command, followed by an index number between 901 and
999, to enter the context of a crypto-list (and to create the list if it does not exist).
G350-001# ip crypto-list 901
G350-001(Crypto 901)#
2. Specify the local IP address for the IPSec tunnels derived from this crypto-list, using the
local-address command. The local address can be either the IP address or the name
of an IP interface of the device.
!
Important:
local-address is a mandatory parameter.
Important:
G350-001(Crypto 901)# local-address 192.168.49.1
Done!
Or
G350-001(Crypto 901)# local-address FastEthernet 10/2
Done!
464 Administration for the Avaya G250 and Avaya G350 Media Gateways
on page 483.
Advertisement
Table of Contents
