SIP User's Manual 96 Document #: LTRT-65415
MediaPack Series
Table 3-15: IP Security Associations Table Configuration Parameters
Parameter Name Description
Operational Mode
[IPsecSATable_IPsecMode]
Defines the IPSec mode of operation.
[0] Transport (default)
[1] Tunnel
Remote Endpoint Addr
[IPsecSATable_RemoteEndpointAddres
sOrName]
Defines the IP address or DNS host name of the peer.
Note: This parameter is applicable only if the
Operational Mode is set to Transport.
Authentication Method
[IPsecSATable_AuthenticationMethod]
Selects the method used for peer authentication during
IKE main mode.
[0] Pre-shared Key (default)
[1] RSA Signature = in X.509 certificate
Note: For RSA-based authentication, both peers must
be provisioned with certificates signed by a common
CA. For more information on certificates see ''Server
Certificate Replacement'' on page 62.
Shared Key
[IPsecSATable_SharedKey]
Defines the pre-shared key (in textual format). Both
peers must use the same pre-shared key for the
authentication process to succeed.
Notes:
This parameter is applicable only if the
Authentication Method parameter is set to pre-
shared key.
The pre-shared key forms the basis of IPSec
security and therefore, it should be handled with care
(the same as sensitive passwords). It is not
recommended to use the same pre-shared key for
several connections.
Since the ini file is plain text, loading it to the device
over a secure network connection is recommended.
Use a secure transport such as HTTPS, or a direct
crossed-cable connection from a management PC.
After it is configured, the value of the pre-shared key
cannot be retrieved.
Source Port
[IPsecSATable_SourcePort]
Defines the source port to which this configuration
applies.
The default value is 0 (i.e., any port).
Destination Port
[IPsecSATable_DestPort]
Defines the destination port to which this configuration
applies.
The default value is 0 (i.e., any port).
Protocol
[IPsecSATable_Protocol]
Defines the protocol type to which this configuration
applies. Standard IP protocol numbers, as defined by
the Internet Assigned Numbers Authority (IANA) should
be used, for example:
0 = Any protocol (default)
17 = UDP
6 = TCP
IKE SA Lifetime
[IPsecSATable_Phase1SaLifetimeInSec]
Determines the duration (in seconds) for which the
negotiated IKE SA (Main mode) is valid. After this time
expires, the SA is re-negotiated.
To Next Page
Loading...
Need help?
General
