AudioCodes MediaPack Series MP-11x

To Next Page

To Previous Page

Version 6.6 139 MP-11x & MP-124

User's Manual 12. Security

Parameter Name Description

Operational Mode

[IPsecSATable_IPsecMode]

Defines the IPSec mode of operation.

 [0] Transport (default)

 [1] Tunnel

Remote Endpoint Addr

[IPsecSATable_RemoteEndpointAd

dressOrName]

Defines the IP address or DNS host name of the peer.

Note: This parameter is applicable only if the Operational

Mode is set to Transport.

Authentication Method

[IPsecSATable_AuthenticationMeth

od]

Defines the method for peer authentication during IKE main

mode.

 [0] Pre-shared Key (default)

 [1] RSA Signature = in X.509 certificate

Note: For RSA-based authentication, both peers must be

provisioned with certificates signed by a common CA. For

more information on certificates, see 'Replacing the Device's

Certificate' on page 93.

Shared Key

[IPsecSATable_SharedKey]

Defines the pre-shared key (in textual format). Both peers

must use the same pre-shared key for the authentication

process to succeed.

Notes:

 This parameter is applicable only if the Authentication

Method parameter is set to pre-shared key.

 The pre-shared key forms the basis of IPSec security and

therefore, it should be handled with care (the same as

sensitive passwords). It is not recommended to use the

same pre-shared key for several connections.

 Since the ini file is plain text, loading it to the device over

a secure network connection is recommended. Use a

secure transport such as HTTPS, or a direct crossed-

cable connection from a management PC.

 After it is configured, the value of the pre-shared key

cannot be retrieved.

Source Port

[IPsecSATable_SourcePort]

Defines the source port to which this configuration applies.

The default value is 0 (i.e., any port).

Destination Port

[IPsecSATable_DestPort]

Defines the destination port to which this configuration

applies.

The default value is 0 (i.e., any port).

Protocol

[IPsecSATable_Protocol]

Defines the protocol type to which this configuration applies.

Standard IP protocol numbers, as defined by the Internet

Assigned Numbers Authority (IANA) should be used, for

example:

 0 = Any protocol (default)

 17 = UDP

 6 = TCP

IKE SA Lifetime

[IPsecSATable_Phase1SaLifetimeIn

Sec]

Defines the duration (in seconds) for which the negotiated

IKE SA (Main mode) is valid. After this time expires, the SA

is re-negotiated.

The default value is 0 (i.e., unlimited).

Note: Main mode negotiation is a processor-intensive

operation; for best performance, do not set this parameter to

AudioCodes MediaPack Series MP-11x

Table of Contents

Other manuals for AudioCodes MediaPack Series MP-11x

Related product manuals