File 8
VPNE-SERVER : INTERNET APPLICATIONS
Ed. 04 9/10 Ref. 3EH 21000 BSAA
Phase 2 identities
There is also an identity payload exchange during Phase 2, but this one only refers to the subnets being protected. Both parties send the IP parameters of the subnets (both local and remote) that are going to be protected by this tunnel. These parameters must match on the two sides for the exchange to be valid.
Any misconfiguration of the remote subnet and/or the remote mask may cause the remote to send an INVALID_ID information message.
Figure: IPsec tunnel over the Internet between the Branch Office and Main Office gateways

Branch Office (OmniPCX Office IPsec gateway)
  WAN public IP address: 212.25.53.212
  Protected subnet: 192.168.168.32/255.255.255.240
  Local Subnet = 192.168.168.32
  Local Mask = 255.255.255.240
  (Local ID = 212.25.53.212)*
  Remote Gw = 193.193.28.19
  Remote Subnet = 10.0.20.0
  Remote Mask = 255.255.255.0
  (Remote ID = 193.193.28.19)*

Main Office (IPsec Gateway)
  WAN public IP address: 193.193.28.19
  Protected subnet: 10.0.20.0/255.255.255.0
  Local Subnet = 10.0.20.0
  Local Mask = 255.255.255.0
  Local ID = 193.193.28.19
  Remote Gw = 212.25.53.212
  Remote Subnet = 192.168.168.32
  Remote Mask = 255.255.255.240
  Remote ID = 212.25.53.212

* These parameters are not configurable on the Alcatel OmniPCX Office.
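A pre-deployment check of the mirroring rule above, written as an added example that is not part of the original manual: it compares each gateway's local subnet/mask with the peer's remote subnet/mask and lists every mismatch. The addresses are those of the figure; the dict layout, the key names (including `wan_ip`) and the function names are assumptions made for this example.

```python
import ipaddress

# Addresses from the figure; dict layout and key names are assumptions.
BRANCH = {"wan_ip": "212.25.53.212", "remote_gw": "193.193.28.19",
          "local_subnet": "192.168.168.32", "local_mask": "255.255.255.240",
          "remote_subnet": "10.0.20.0", "remote_mask": "255.255.255.0"}
MAIN = {"wan_ip": "193.193.28.19", "remote_gw": "212.25.53.212",
        "local_subnet": "10.0.20.0", "local_mask": "255.255.255.0",
        "remote_subnet": "192.168.168.32", "remote_mask": "255.255.255.240"}

def _net(subnet, mask, label, problems):
    """Parse subnet/mask; record a problem if the mask is malformed
    or the subnet address has host bits set under that mask."""
    try:
        return ipaddress.ip_network(f"{subnet}/{mask}", strict=True)
    except ValueError as exc:
        problems.append(f"{label}: {exc}")
        return None

def check_phase2_ids(a, b, name_a="branch", name_b="main"):
    """Return a list of mismatches; an empty list means the Phase 2
    identities of the two gateways mirror each other."""
    problems = []
    for x, y, nx, ny in ((a, b, name_a, name_b), (b, a, name_b, name_a)):
        local = _net(x["local_subnet"], x["local_mask"], f"{nx} local", problems)
        remote = _net(y["remote_subnet"], y["remote_mask"], f"{ny} remote", problems)
        if local and remote and local != remote:
            problems.append(f"{ny} remote {remote} != {nx} local {local} "
                            "(peer may answer with INVALID_ID)")
        if y["remote_gw"] != x["wan_ip"]:
            problems.append(f"{ny} remote gw {y['remote_gw']} != "
                            f"{nx} WAN IP {x['wan_ip']}")
    return problems

if __name__ == "__main__":
    print("figure config:", check_phase2_ids(BRANCH, MAIN) or "OK")
    # Constructed misconfiguration: wrong remote mask on the Main Office side.
    bad_main = dict(MAIN, remote_mask="255.255.255.0")
    for p in check_phase2_ids(BRANCH, bad_main):
        print("mismatch:", p)
```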