![background image](http://html1.mh-extra.com/html/patton-electronics/smartware-r-3-20/smartware-r-3-20_software-configuration-manual_4044387281.webp)
281
Chapter 25
VPN configuration
Chapter contents
Introduction
........................................................................................................................................................283
Authentication
..............................................................................................................................................283
Encryption
....................................................................................................................................................283
Transport and tunnel modes
.........................................................................................................................284
Key management
..........................................................................................................................................284
VPN configuration task list
.................................................................................................................................284
Creating an IPsec transformation profile
.......................................................................................................284
Creating an IPsec policy profile
.....................................................................................................................285
Creating/modifying an outgoing ACL profile for IPsec
.................................................................................287
Configuration of an IP interface and the IP router for IPsec
..........................................................................288
Displaying IPsec configuration information
..................................................................................................288
Debugging IPsec
...........................................................................................................................................289
Key management (IKE)
.......................................................................................................................................290
Main differences between manual & IKE IPSEC configurations
.............................................................290
Creating an ISAKMP transform profile
...................................................................................................291
Creating an ISAKMP IPSEC policy profile
.............................................................................................292
Creating/modifying an outgoing ACL profile for IPSEC
.........................................................................293
Configuration of an IP interface and the IP router for IPSEC
.................................................................293
Policy matching
......................................................................................................................................293
Sample configuration snippet
..................................................................................................................293
Troubleshooting
...........................................................................................................................................294
Encrypted Voice - Performance considerations
....................................................................................................295
Performance considerations
...........................................................................................................................295
Enabling RTP encryption support
.......................................................................................................................295
Using an alternate source IP address for specific destinations
...............................................................................296
Configuring Call-Hold on ISDN interfaces
.........................................................................................................296
Enabling Display Information Elements on ISDN Ports
.....................................................................................296
Sample configurations
.........................................................................................................................................297
IPsec tunnel, DES encryption
.......................................................................................................................297
SmartNode configuration
........................................................................................................................297
Cisco router configuration
.......................................................................................................................298
IPsec tunnel, AES encryption at 256 bit key length, AH authentication with HMAC-SHA1-96
..................298
SmartNode configuration
........................................................................................................................298
Cisco router configuration
.......................................................................................................................299
IPsec tunnel, 3DES encryption at 192 bit key length, ESP authentication with HMAC-MD5-96
................299
SmartNode configuration
........................................................................................................................299
Cisco router configuration
.......................................................................................................................299