User's Manual

Chapter 16 IPSec VPN 127
16.3.7.1 ID Type and Content Examples
Two IPSec routers must have matching ID type and content configuration in order to set up a VPN
tunnel.
The two Routers in this example can complete negotiation and establish a VPN tunnel.
Table 74 Matching ID Type and Content Configuration Example
ROUTER A                                  ROUTER B
Local ID type: E-mail                     Local ID type: IP
Local ID content: tom@yourcompany.com     Local ID content: 1.1.1.2
Remote ID type: IP                        Remote ID type: E-mail
Remote ID content: 1.1.1.2                Remote ID content: tom@yourcompany.com
The two Routers in this example cannot complete their negotiation because Router B’s Local ID
Type is IP, but Router A’s Remote ID Type is set to E-mail. An “ID mismatched” message displays in
the IPSEC LOG.
Table 75 Mismatching ID Type and Content Configuration Example
ROUTER A                                  ROUTER B
Local ID type: IP                         Local ID type: IP
Local ID content: 1.1.1.10                Local ID content: 1.1.1.2
Remote ID type: E-mail                    Remote ID type: IP
Remote ID content: aa@yahoo.com           Remote ID content: 1.1.1.0
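The matching rule behind Tables 74 and 75, written as a check to run over both routers' settings before enabling the tunnel. This is an added example, not code from this manual or the Router's firmware; the class and function names are hypothetical, only the IP and E-mail types used in the two tables are handled, and ID content is compared as an exact string (an assumption).

```python
import ipaddress
from dataclasses import dataclass

@dataclass(frozen=True)
class PeerId:
    id_type: str   # "IP" or "E-mail", the two types used in Tables 74 and 75
    content: str

@dataclass(frozen=True)
class RouterIds:
    local: PeerId
    remote: PeerId

def validate(pid):
    """Return problems with one ID entry's content for its declared type."""
    if pid.id_type == "IP":
        try:
            ipaddress.IPv4Address(pid.content)   # assumption: IPv4 only
        except ValueError:
            return [f"{pid.content!r} is not a valid IPv4 address"]
    elif pid.id_type == "E-mail":
        if len(pid.content) > 31:                # limit stated in Table 73
            return ["e-mail ID is longer than 31 characters"]
    else:
        return [f"ID type {pid.id_type!r} is not handled by this example"]
    return []

def check_pair(a, b):
    """Each router's remote ID must equal the peer's local ID, type and content."""
    problems = []
    for name, r in (("A", a), ("B", b)):
        for side, pid in (("local", r.local), ("remote", r.remote)):
            problems += [f"Router {name} {side} ID: {p}" for p in validate(pid)]
    for me, peer, mine, theirs in (("A", "B", a, b), ("B", "A", b, a)):
        want, got = mine.remote, theirs.local
        if want.id_type != got.id_type:
            problems.append(f"type mismatch: Router {me} expects {want.id_type}, "
                            f"Router {peer} presents {got.id_type}")
        elif want.content != got.content:        # assumption: exact string match
            problems.append(f"content mismatch: Router {me} expects {want.content}, "
                            f"Router {peer} presents {got.content}")
    return problems

# Values copied from Tables 74 and 75.
TABLE_74 = (RouterIds(PeerId("E-mail", "tom@yourcompany.com"), PeerId("IP", "1.1.1.2")),
            RouterIds(PeerId("IP", "1.1.1.2"), PeerId("E-mail", "tom@yourcompany.com")))
TABLE_75 = (RouterIds(PeerId("IP", "1.1.1.10"), PeerId("E-mail", "aa@yahoo.com")),
            RouterIds(PeerId("IP", "1.1.1.2"), PeerId("IP", "1.1.1.0")))
```

`check_pair(*TABLE_74)` returns an empty list, while `check_pair(*TABLE_75)` reports the type mismatch described above and also a content mismatch in the other direction (Router B's remote ID content 1.1.1.0 against Router A's local ID content 1.1.1.10).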
16.3.8 Pre-Shared Key
A pre-shared key identifies a communicating party during a phase 1 IKE negotiation (see Section
16.3.3 on page 123 for more on IKE phases). It is called “pre-shared” because you have to share it
with another party before you can communicate with them over a secure connection.
Table 73 Local ID Type and Content Fields (continued)
LOCAL ID TYPE=    CONTENT=
E-mail            Type an e-mail address (up to 31 characters) by which to identify this Router.
                  The domain name or e-mail address that you use in the Local ID Content field is used
                  for identification purposes only and does not need to be a real domain name or
                  e-mail address.