Avaya Configuring IPsec Services Bedienungsanleitung Seite 33
- Seite / 122
- Inhaltsverzeichnis
- FEHLERBEHEBUNG
- LESEZEICHEN
Bewertet. / 5. Basierend auf Kundenbewertungen
Overview of IPsec
308630-14.00 Rev 00
1-13
Figure 1-4. Security Associations for Bidirectional Traffic
Under most circumstances, you will configure the Internet Key Exchange (IKE)
protocol to negotiate SAs between security gateways automatically. You can also
manually configure SAs.
How IKE Negotiates Security Associations
The Internet Key Exchange (IKE) protocol automates the process of IPsec SA
configuration by creating an IKE SA for Protect SA and Unprotect SA
negotiation. Each IKE peer sends IPsec SA parameter negotiation information in a
secure IKE packet. The peers generate keys based on the agreed parameters and
then verify each other’s identity. Once this is done, the IPsec SA is established.
The IKE protocol itself is secured through an IKE SA created using the
Diffie-Hellman algorithm (Oakley) to determine the key, and the authentication
methods described in “
Automated Security Associations Using Internet Key
Exchange (IKE)” on page 1-12. The Nortel Networks implementation uses a
pre-shared key.
Security Parameter Index (SPI)
A security parameter index (SPI) is an arbitrary but unique 32-bit (4 byte) value
that, when combined with the IP destination address and the numeric value of the
security protocol used (ESP), uniquely identifies the SA for a data packet.
IPsec discards any incoming ESP packet if the SPI does not match any SA in the
inbound security associations database (SAD).
IP0079A
Network
Security gateway Security gateway
132.245.145.195
132.245.145.205
Protect SA
Source: 132.245.145.205
Destination: 132.245.145.195
Protect SA
Source: 132.245.145.195
Destination: 132.245.145.205
Unprotect SA
Source: 132.245.145.205
Destination: 132.245.145.195
Unprotect SA
Source: 132.245.145.195
Destination: 132.245.145.205
- Configuring IPsec Services 1
- Trademarks 2
- Restricted Rights Legend 2
- Statement of Conditions 2
- Contents 7
- 308630-14.00 Rev 00 ix 9
- 308630-14.00 Rev 00 xi 11
- 308630-14.00 Rev 00 xiii 13
- Before You Begin 15
- Text Conventions 16
- Acronyms 17
- Hard-Copy Technical Manuals 19
- How to Get Help 19
- Chapter 1 21
- Overview of IPsec 21
- About IPsec 22
- Note Regarding IPsec and NAT 22
- Supported Routers 23
- Supported WAN Protocols 23
- IPsec Services 24
- How IPsec Works 25
- IPsec Tunnel Mode 26
- IPsec Elements 27
- Security Gateways 28
- Security Policies 28
- Security Associations 31
- Security Protocols 35
- Authentication Header 36
- Perfect Forward Secrecy 37
- Chapter 2 39
- Installing IPsec 39
- Upgrading Router Software 40
- Installing the IPsec Software 40
- 308630-14.00 Rev 00 41
- Securing Your Site 42
- Securing Your Configuration 42
- Random Number Generator (RNG) 43
- Generating NPKs 43
- Caution: 44
- Changing an NPK 46
- Monitoring NPKs 46
- Chapter 3 47
- Starting IPsec 47
- Creating Policies 48
- Specifying an Action 49
- Policy Considerations 49
- Creating an Outbound Policy 50
- Creating an Inbound Policy 52
- About Automated SA Creation 54
- About Manual SA Creation 56
- Chapter 4 59
- Customizing IPsec 59
- Editing a Policy 60
- Adding a Policy 61
- Frame Relay Protocol 62
- Reordering Policies 64
- Frame Relay 65
- Manual SA Modifications 67
- Disabling IPsec 69
- Appendix A 71
- Site Manager Parameters 71
- Enabling IPsec Parameters 72
- IPsec Policy Parameters 73
- Appendix B 83
- Definitions of k Commands 83
- Appendix C 85
- RTR4 Subnet 192.32.30.0 88
- Manual SA Policy Examples 89
- RTR1 and RTR2 92
- RTR1 93
- RTR2 93
- RTR3 96
- RTR4 96
- Supported Versions 100
- Configuring Through a Browser 100
- Terminology 101
- Configuration Specifics 102
- Feature Comparison Summary 103
- Troubleshooting Tips 104
- Configuration Examples 105
- Protocol Numbers 109
- Appendix D 109
Verwandte Produkte und Handbücher für Software Avaya Configuring IPsec Services
Software Avaya Business Communication Manager 5.0 - Configuration - Devices Bedienungsanleitung
(258 Seiten)
(258 Seiten)
Software Avaya FireWall-1 Bedienungsanleitung
(68 Seiten)
(68 Seiten)
Software Avaya PeriReporter Bedienungsanleitung
(122 Seiten)
(122 Seiten)
Software Avaya PeriProducer 3.00 (Software Release 3.00) - Business Communications Manager Hinweis
(48 Seiten)
(48 Seiten)
Software Avaya Business Communications Manager - Intelligent Contact Center Bedienungsanleitung
(258 Seiten)
(258 Seiten)
Software Avaya BCM50 Konfigurationsanleitung
(568 Seiten)
(568 Seiten)
Software Avaya 15-601067 Bedienungsanleitung
(50 Seiten)
(50 Seiten)
Software Avaya SMON C360 Bedienungsanleitung
(286 Seiten)
(286 Seiten)
Software Avaya 15-601063 Bedienungsanleitung
(460 Seiten)
(460 Seiten)
Software Avaya DXX-1015-01 Bedienungsanleitung
(74 Seiten)
(74 Seiten)
© 2020, manymanuals.de. Alle Rechte vorbehalten. | 0.125 s |
Manymanuals.com
Manymanuals.de
Manymanuals.fr
Manymanuals.it
Manymanuals.pl
Manymanuals.cz
Manymanuals.es
Manymanuals-pt.com
Kommentare zu diesen Handbüchern