Ipsec Parameters; Table 6-25: Ipsec Parameters - AudioCodes MP-124 User Manual
Cpe & access analog gateways
Hide thumbs
Also See for MP-124:
- User manual (486 pages) ,
- Hardware installation manual (44 pages) ,
- User manual (390 pages)
Table of Contents
Advertisement
6.4.6
IPSec Parameters
The Internet Protocol security (IPSec) parameters are described in the table below.
Parameter
IPSec Parameters
Web: Enable IP Security
EMS: IPSec Enable
[EnableIPSec]
Web: Dead Peer
Detection Mode
EMS: DPD Mode
[IPSecDPDMode]
IPSec Table
[IPSEC_SPD_TABLE]
SIP User's Manual
Table 6-25: IPSec Parameters
Enables or disables IPSec on the device.
[0] Disable = IPSec is disabled (default).
[1] Enable = IPSec is enabled.
Note: For this parameter to take effect, a device reset is required.
Enables the Dead Peer Detection (DPD) 'keep-alive' mechanism
(according to RFC 3706) to detect loss of peer connectivity.
[0] Disabled (default).
[1] Periodic = message exchanges at regular intervals.
[2] On Demand = message exchanges as needed (i.e., before sending
data to the peer). If the liveliness of the peer is questionable, the
device sends a DPD message to query the status of the peer. If the
device has no traffic to send, it never sends a DPD message.
For detailed information on DPD, refer to the Product Reference Manual.
This ini file table parameter configures the IPSec SPD table. The format
of this parameter is as follows:
[IPSEC_SPD_TABLE]
Format SPD_INDEX = IPSecMode, IPSecPolicyRemoteIPAddress,
IPSecPolicySrcPort, IPSecPolicyDStPort,IPSecPolicyProtocol,
IPSecPolicyLifeInSec, IPSecPolicyLifeInKB,
IPSecPolicyProposalEncryption_X,
IPSecPolicyProposalAuthentication_X,
IPSecPolicyKeyExchangeMethodIndex,
IPSecPolicyLocalIPAddressType,
IPSecPolicyRemoteTunnelIPAddress,
IPsecPolicyRemoteSubnetMask;
[\IPSEC_SPD_TABLE]
For example:
IPSEC_SPD_TABLE 0 = 0, 10.11.2.21, 0, 0, 17, 900, 1,2, 2,2 ,1, 0;
In the example above, all packets designated to IP address 10.11.2.21
that originate from the OAMP interface (regardless of destination and
source ports) and whose protocol is UDP are encrypted. The IPSec SPD
also defines an SA lifetime of 900 seconds and two security proposals
(DES/SHA1 and 3DES/SHA1). IPsec is performed using the Transport
mode.
Notes:
Each row in the table refers to a different IP destination.
To support more than one Encryption / Authentication proposal, for
each proposal specify the relevant parameters in the Format line.
The proposal list must be contiguous.
For a detailed description of this table and to configure the table using
the Web interface, refer to ''Configuring the IPSec Table'' on page 85.
246
Description
Document #: LTRT-65412
MP-11x & MP-124
- Quick Links:
- Accessing the Web Interface
Hide quick links:
Advertisement
Chapters
Table of Contents
Troubleshooting
