If no IPSec methods are defined (Encryption / Authentication), the default settings, shown in
the following table are applied.
Table 3-12: Default IKE Second Phase Proposals
Proposal Encryption Authentication
3DES
Proposal 0
SHA1
3DES
Proposal 1
MD5
DES
Proposal 2
SHA1
DES
Proposal 3
MD5
Table 3-13: IPSec SPD Table Configuration Parameters
Parameter Name Description
IPSec Mode Defines the IPSec mode of operation.
[IPSecMode]
[0]
Transport (Default)
[1]
Remote Tunnel IP Address
Tunneling
Defines the IP address of the remote
IPSec tunneling device.
[IPSecPolicyRemoteTunnelIPAddress]
Note:
IPSec is
applied to
outgoing
packets
that match
the values
defined for
these
parameters.
This parameter is available only if
the parameter IPSecMode is set to
Tunneling (1).
Remote Subnet Mask Defines the subnet mask of the remote
IPSec tunneling device.
The default value is 255.255.255.255
(i.e., host-to-host IPSec tunnel).
[IPsecPolicyRemoteSubnetMask]
Note:
Remote IP Address
This parameter is available only if
the parameter IPSecMode is set to
Tunneling (1).
Destination IP address (or FQDN) to
which the IPSec mechanism is applied.
[IPSecPolicyRemoteIPAddress]
Notes:
This parameter is mandatory.
When an FQDN is used, a DNS
server must be configured
(DNSPriServerIP).
Local IP Address Type Determines the local interface to which
the encryption is applied (applicable to
multiple IPs and VLANs).
[IPSecPolicyLocalIPAddressType]
[0]
OAM = OAMP interface (default).
[1]
Source Port
Control = Control interface.
Defines the source port to which the
IPSec mechanism is applied.
The default value is 0 (i.e., any port).
[IPSecPolicySrcPort]
Destination Port
Defines the destination port to which the
IPSec mechanism is applied.
The default value is 0 (i.e., any port).
[IPSecPolicyDstPort]
To Next Page
Loading...
