3Com Switch 8800 Family IPsec Module Configuration and Command reference Guide
212 CHAPTER 13: DVPN
DVPN server configuration
As for a DVPN server, you need to perform basic configuration, Tunnel interface
configuration, and DVPN policy suite configuration (DVPN policies are configured
in DVPN policy views), which are described as follows.
1 Basic configuration
Basic configuration includes the following:
■ Enable/Disable DVPN
■ Configure the map aging time
■ Configure how to authenticate the clients
■ Configure the pre-shared-key
2 Tunnel interface configuration
Tunnel interface configuration includes the following:
■ Encapsulate the Tunnel interface with UDP DVPN
■ Configure the Tunnel interface to server
■ Configure the DVPN domain the Tunnel interface belongs to
■ Configure the source address or source interface of the Tunnel interface
■ Configure the DVPN policy the Tunnel interface uses (optional)
■ Configure IPsec-encrypted data stream
3 DVPN policy suite configuration
DVPN policy suite configuration includes the following:
■ Create and enter a DVPN policy view
■ Configure how the DVPN server authenticates the clients (optional and is NONE
by default)
■ Configure the algorithm suite for a specified session (optional and is
des-md5-dh1 by default)
■ Configure the timeout time for a specified session (optional and is 300 seconds
by default)
■ Configure the interval for sending keepalive packets (optional and is 10
seconds by default)
■ Configure the interval for sending requests to establish a session (optional and
is 10 seconds by default)
■ Configure the IPsec algorithm suite (optional and is des-md5-dh1 by default)
■ Configure the time out time to renegotiate a specified IPsec SA (optional and is
3600 seconds by default)
To correspond to the configurations mentioned above, following sections describe
how to configure DVPN in terms of basic configuration, Tunnel interface
configuration, DVPN class configuration, and DVPN policy configuration.