IPsec VPN Configuration
Except on the first page, right running head:
Heading1 or Heading1NewPage text (automatic)
835
Alcatel-Lucent
Beta Beta
OmniAccess 5740 Unified Services Gateway CLI Configuration Guide
TO CONFIGURE AUTHENTICATION TYPE
EXAMPLE
ALU(config-crypto-ike-policy-P1)# authentication pre-shared
Note: If the Authentication type is not explicitly configured, default pre-shared is used.
TO CONFIGURE TRANSFORM-SET IN IPSEC
A transform set represents a certain combination of security protocols and
algorithms. During the IPsec security association negotiation, the peers agree to
use a particular transform set for protecting a particular data flow.
Note: You can specify a maximum of 4 values in a t r a n s f orm se t .
Note: The “force“ keyword is used to modify or edit the transform-set in use.
Options for proposal under transform-set:
• esp-md5-3des encapsulation with MD5 and 3DES encryption
• esp-md5-aes128 encapsulation with MD5 and 128 bit AES encryption
• esp-md5-aes192 encapsulation with MD5 and 192 bit AES encryption
• esp-md5-aes256 encapsulation with MD5 and 256 bit AES encryption
• esp-md5-des encapsulation with MD5 and 56 bit DES encryption
• esp-sha1-3des encapsulation with SHA1 and 3DES encryption
• esp-sha1-aes128 encapsulation with SHA1 and 128 bit AES encryption
• esp-sha1-aes192 encapsulation with SHA1 and 192 bit AES encryption
• esp-sha1-aes256 encapsulation with SHA1 and 256 bit AES encryption
• esp-sha1-des encapsulation with SHA1 and 56 bit DES encryption
Command (in IKE Policy CM) Description
authentication {pre-shared|rsa-sig} This command configures the
authentication type to be used
during IKE negotiation.
Command (in CM) Description
crypto ipsec transform-set <name>
{<algo>[<algo>][<algo>] [<algo>]}
[force]
This command creates a
transform-set.
To Next Page
Loading...
