Manualshelf

Installation guide

ManualsBrandsAcme ManualsAcousticsSA-104
161162163164165166167168169170
IPSEC>SECURITY-ASSOCIATION>TUNNEL-MODE CONFIGURATION ELEMENTS A-M
Version S-C6.1.0 Oracle Communications Session Border Controller ACLI Reference Guide 161
auth-key—Enter the authentication key for the previously chosen authentication
algorithm for this SA
encr-key—Enter the encryption key for the previously chosen encryption algorithm
for this SA
aes-ctr-nonce—Enter the AES nounce. This only applies if aes-128-ctr or aes-
256-ctr
are chosen as your encryption algorithm.
Default 0
tunnel-mode—Enter the tunnel-mode subelement
Path security-association is a subelement under the ipsec element. The full path from
the topmost ACLI prompt is: configure-terminal > security > ipsec > security-
association.
Release First appearance: 5.0
RTC Status Supported
ipsec>security-association>tunnel-mode
This configuration element allows you to configure the addresses in the security-
association. These addresses represent the external, public addresses of the
termination points for the IPSEC tunnel.
Syntax tunnel-mode <local-ip-addr | remote-ip-addr | select | no | show |
done | exit>
local-ip-addr—Enter the local IP address of this tunnel mode profile
remote-ip-addr—Enter the remote IP address of this tunnel mode profile
Path tunnel-mode is a subelement under the ipsec>security-association element. The
full path from the topmost ACLI prompt is: configure-terminal > security > ipsec
> security-association>tunnel-mode.
Release First appearance: 5.0
RTC Status Supported
ipsec>security-policy
The security-policy configuration element allows you to configure IPsec security
policies on your Net-Net SBC.
Syntax security-policy <name | network-interface | priority | local-ip-
addr-match | remote-ip-addr-match | local-port-match | remote-
port-match | trans-protocol-match | direction | local-ip-mask |
remote-ip-mask | action | outbound-sa-fine-grained-mask | select
| no | show | done>
name—Enter the name for this security policy
network-interface—Enter the network interface and VLAN where this security
policy applies in the form:
interface_name:VLAN