Avaya Configuring Branch Office Tunnel between a Contivity and a BayRS Router Manual de usuario descargar pdf (Pagina 18)

Tech Tip

Contivity Secure IP Services Gateway

Configuring Branch Office Tunnel between a Contivity and a BayRS

router

The show ipsec policy command – gives a listing of all IPSec policies, and proposals configured

within each. For example,

$ show ipsec policy

IPSEC Policy Table Information

------------------------------

Policy Proposal Transform Cipher Integrity

Number Number Number Type Alg Alg

------ -------- --------- ---- ------ ---------

1 1 1 ESP 3DES MD5

The show ipsec selectors out command– gives a list of all interfaces and the policies

configured on each.

$ show ipsec selectors out

IPSEC Outbound Selector Table Information

-----------------------------------------

Pol Policy

Cct. Interface Mode State Matches Num Name

------ --------------- -------- ------- ------- --- ---------------

2 10.1.1.1 Enabled Up 23 1 Tunnel to CES

Interpreting Log Messages on the Router

# 9: 09/14/2004 08:17:57.900 INFO SLOT 1 IPSEC Code: 124

IPSec received inbound SA request. No proposal/attribute chosen.

Last validation mismatch : Received mismatching cipher algorithm.

Policy number: 1

Rcv proposal: 1, Our proposal: 1.

Rcv transform: 1, Our transform: 1.

This message generally indicates that there is no compatible encryption setting configured

between the Router and the IPSec peer. The proposal list containing the encryption capabilities

for the SA was defined in step 11 of the “Configuring ARN” section of this guide. Verify both ends

have compatible settings configured, otherwise they won’t be able to negotiate the SA.

TT040916 1.00 September 2004 Page: 18 of 29

1 2 ... 13 14 15 16 17 18 19 20 21 22 23 ... 28 29

Sin comentarios

Avaya Configuring Branch Office Tunnel between a Contivity and a BayRS Router Manual de usuario Pagina 18