IP Security - Virtual Private Network
Left running head:
Chapter name (automatic)
872
Beta Beta
OmniAccess 5740 Unified Services Gateway CLI Configuration Guide
Alcatel-Lucent
DEFAULT CONFIGURATION FOR AN IPSEC PROFILE ON OMNIACCESS 5740 USG
The OmniAccess 5740 USG provides the following default configurations for an
IPsec Profile:
• If an IKE policy is not configured, the ‘default’ ike policy is applied to the IPsec
profile. Following are the default values for IKE policy:
i. Default proposal in IKE policy: md5-des
ii. Default PFS group in IKE policy: pfs group2
iii. Default IPsec security-association lifetime in seconds: 28800
iv. Default IKE lifetime in seconds: 86400
• Default authentication mechanism: Pre-shared Keys (PSK)
• If a transform set is not configured, the ‘default’ transform set is applied to the
profile. Following are the default values for transform-set:
i. esp-sha1-des
ii. esp-md5-des
• If a crypto IPsec profile is not configured, you can attach the ‘default’ profile to an
interface. Following are the default values within a profile:
i. Default IKE policy in an IPsec profile: ‘default’ IKE policy
ii. Default transform set in an IPsec profile: ‘default’ transform set
iii. Default PFS group in an IPsec profile: pfs group2.
iv. Default lifetime in seconds for an IPsec profile: 28800
To Next Page
Loading...
