340
V7122 GatewayUser Guide
Table 70
SPD Table Configuration Parameters
Parameter Name
Description
Remote IP Address
[IPSecPolicyRemoteIPAddre
ss]
Defines the destination IP address (or a FQDN) the
IPSec mechanism is applied to.
This parameter is mandatory.
When a FQDN is used, a DNS server
must be configured (DNSPriServerIP).
Local IP Address Type
[IPSecPolicyLocalIPAddress
Type]
Determines the local interface to which the encryption
is applied (applicable to multiple IPs and VLANs).
0 = OAM interface (default).
1 = Control interface.
Source Port
[IPSecPolicySrcPort]
Defines the source port the IPSec mechanism is
applied to.
The default value is 0 (any port).
Destination Port
[IPSecPolicyDstPort]
Defines the destination port the IPSec mechanism is
applied to.
The default value is 0 (any port).
Protocol
[IPSecPolicyProtocol]
Defines the protocol type the IPSec mechanism is
applied to.
0
= Any protocol (default).
17 =
UDP.
6 =
TCP.
Or any other protocol type defined by IANA (Internet
Assigned Numbers Authority).
IPSec is applied to
outgoing packets
whose IP address,
destination port,
source port and
protocol type match
the values defined for
these four
parameters.
Related Key Exchange Method
Index
[IPsecPolicyKeyExchangeMe
thodIndex]
Determines the index for the corresponding IKE entry. Note that several
policies can be associated with a single IKE entry.
The valid range is 0 to 19. The default value is 0.
IKE Second Phase Parameters (Quick Mode)
SA Lifetime (sec)
[IPsecPolicyLifeInSec]
Determines the time (in seconds) the SA negotiated in the second IKE
session (quick mode) is valid. After the time expires, the SA is re-negotiated.
The default value is 28800 (8 hours).
SA Lifetime (KB)
[IPSecPolicyLifeInKB]
Determines the lifetime (in kilobytes) the SA negotiated in the second IKE
session (quick mode) is valid. After this size is reached, the SA is re-
negotiated.
The default value is 0 (this parameter is ignored).
The lifetime parameters (IPsecPolicyLifeInSec and IPSecPolicyLifeInKB) determine the duration of which an
SA is valid. When the lifetime of the SA expires, it is automatically renewed by performing the IKE second
phase negotiations. To refrain from a situation where the SA expires, a new SA is being negotiated while the
old one is still valid. As soon as the new SA is created, it replaces the old one. This procedure occurs
whenever an SA is about to expire.
Содержание VCX V7122
Страница 28: ...28 V7122 GatewayUser Guide ...
Страница 39: ...V7122 Gateway User Guide 39 Reader s Notes ...
Страница 40: ...40 V7122 GatewayUser Guide ...
Страница 58: ...58 V7122 GatewayUser Guide Reader s Notes ...
Страница 66: ...66 V7122 GatewayUser Guide Reader s Notes ...
Страница 144: ...144 V7122 GatewayUser Guide Reader s Notes ...
Страница 239: ...V7122 Gateway User Guide 239 Reader s Notes ...
Страница 240: ...240 V7122 GatewayUser Guide ...
Страница 246: ...246 V7122 GatewayUser Guide Reader s Notes ...
Страница 270: ...270 V7122 GatewayUser Guide Reader s Notes ...
Страница 287: ...V7122 Gateway User Guide 287 Reader s Notes ...
Страница 288: ...288 V7122 GatewayUser Guide ...
Страница 294: ...294 V7122 GatewayUser Guide Reader s Notes ...
Страница 300: ...300 V7122 GatewayUser Guide Figure 88 Gateway s Startup Process ...
Страница 315: ...V7122 Gateway User Guide 315 Reader s Notes ...
Страница 316: ...316 V7122 GatewayUser Guide ...
Страница 332: ...332 V7122 GatewayUser Guide Reader s Notes ...
Страница 358: ...358 V7122 GatewayUser Guide Reader s Notes ...
Страница 362: ...362 V7122 GatewayUser Guide Reader s Notes ...
Страница 389: ...V7122 Gateway User Guide 389 Reader s Notes ...
Страница 390: ...390 V7122 GatewayUser Guide ...
Страница 398: ...398 V7122 GatewayUser Guide Reader s Notes ...
Страница 406: ...406 V7122 GatewayUser Guide Reader s Notes ...
Страница 408: ...408 V7122 GatewayUser Guide Reader s Notes ...
Страница 409: ...V7122 Gateway User Guide 409 ...
Страница 419: ...V7122 Gateway User Guide 419 Reader s Notes ...
Страница 437: ...V7122 Gateway User Guide 437 Reader s Notes ...
Страница 452: ...452 V7122 GatewayUser Guide Figure 137 UDP2File Utility ...
Страница 453: ...V7122 Gateway User Guide 453 Reader s Notes ...
Страница 459: ...V7122 Gateway User Guide 459 Reader s Notes ...
Страница 475: ...V7122 Gateway User Guide 475 ...