EasyManua.ls Logo

Avaya G430 - Page 491

Avaya G430
696 pages
Save Page as PDF
Print Icon
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Loading...
5. If you wish to work in IKE aggressive mode, use the initiate mode
aggressive command.
Note:
Aggressive mode is one of the prerequisites for working with dynamic local peer
IP addresses. For more information about working with dynamic local peer IP
addresses, see
Dynamic local peer IP on page 509.
For example:
Gxxx-001(config-peer:149.49.70.1)# initiate mode aggressive
Done!
6. If you want to listen in to communication from a remote peer that has a dynamic IP
address, use the initiate mode none command.
In this mode, the device can only accept inbound IKE Aggressive Mode connections
from the peer, and is not able to initiate IKE phase-1 (Main Mode or Aggressive
Mode) to the peer, nor is the peer able to participate as part of a peer-group. In
addition, specifying the continuous-channel command when configuring the
crypto ISAKMP peer information has no effect in this mode. For more information
on continuous-channel, see Continuous channel on page 512.
7. Specify the branch device (Branch Gateway) by its address or by the FQDN name
that identifies the Branch Gateway in the remote peer, using the self-
identity command.
Note:
Specifying self-identity as a name is one of the prerequisites for working with
dynamic local peer IP addresses. For more information about working with
dynamic local peer IP addresses, see
Dynamic local peer IP on page 509.
For example:
Gxxx-001(config-peer:149.49.70.1)# self-identity address
Done!
Gxxx-001(config-peer:149.49.70.1)# self-identity fqdn vpn.avaya.com
Done!
8. Enable Dead Peer Detection (DPD) keepalives that check whether the remote peer
is up using the keepalive command, followed by the number of seconds between
DPD keepalive probes, and the number of seconds between retries if keepalive
fails.
The following example sets DPD keepalive to send probes every 10 seconds, and
to send retries every two seconds if DPD keepalive fails.
Gxxx-001(config-peer:149.49.70.1)# keepalive 10 retry 2
Done!
9. Bind peer status to an object tracker that can monitor hosts inside the remote peer’s
protected network.
IPSec VPN
Administering Avaya G430 Branch Gateway October 2013 491

Table of Contents

Other manuals for Avaya G430

Preview: Installation And Upgrades
Installation And Upgrades155 pages
Preview: Deploying And Upgrading
Deploying And Upgrading144 pages
Preview: Quick Start For Hardware
Quick Start For Hardware30 pages
Preview: Configuration Manual
Configuration Manual42 pages
Preview: Installing
Installing13 pages

Related product manuals