Avaya Configuring IPsec Services Uživatelský manuál Strana 101

  • Stažení
  • Přidat do mých příruček
  • Tisk
  • Strana
    / 122
  • Tabulka s obsahem
  • KNIHY
  • Hodnocené. / 5. Na základě hodnocení zákazníků
Zobrazit stránku 100
Contivity VPN Switch Interoperability
308630-15.1 Rev 00
D-3
Configuration Considerations
When you configure a Contivity switch to interoperate with BayRS IPsec, you
must configure the Contivity switch to include a branch office connection with a
tunnel type equal to IPsec. For detailed instructions on configuring branch
office connections, see Configuring the Contivity VPN Switch.
The following sections provide information to help you configure IPsec to
interoperate on BayRS and Contivity platforms.
Network Addresses
When you configure IP network addresses, note that BayRS lets you configure a
network range that can include any number of valid IP addresses. The ability to
configure address ranges provides flexibility for BayRS-to-BayRS IPsec
implementations.
However, many IPsec platforms, including the Contivity VPN Switch, require you
to configure IP addresses by subnet and mask. Therefore, to interoperate with the
Contivity implementation of IPsec, a BayRS policy must contain source and
destination IP address ranges that match the exact ranges of the corresponding
Contivity branch office connections local and remote accessible networks.
For example, if the Contivity side of the IPsec tunnel branch office connection has
a remote network of 192.32.54.128/255.255.255.224 and a local network of
192.32.13.128/255.255.255.224, the corresponding BayRS policy must have a
source address range of exactly 192.32.54.128 to 192.32.54.159, and a destination
address range of exactly 192.32.13.128 to 192.32.13.159.
Routing
Only static routing is supported between the Contivity switch and BayRS IPsec
gateways. Although the Contivity switch offers VPN Routing, which sends RIP
routes through an IPsec tunnel, this feature is proprietary to the Contivity switch.
A BayRS router interface configured with IPsec sends broadcasts out the interface
in clear text only. The Contivity switchs public interface does not accept these
clear text broadcasts.
Zobrazit stránku 100
1 2 ... 96 97 98 99 100 101 102 103 104 105 106 ... 121 122

Komentáře k této Příručce

Žádné komentáře