Avaya Configuring IPsec Services Manual de usuario descargar pdf (Pagina 103)

Contivity VPN Switch Interoperability

308630-15.1 Rev 00

D-5

BayRS Features Not Supported by the Contivity VPN Switch

Contivity does not support the following BayRS features:

• Frame relay interface configured as an IPsec gateway

• Manual IPsec SAs

• Source and destination address ranges that contain a partial range of a network

as opposed to network-only addressing for configuration of accessible

network IP addresses

• Protocol selectors as defined in RFC 2401, “Security Architecture for the

Internet Protocol,” for use as a criterion to allow establishment of an SA

• PFS support on a per-IPsec tunnel basis (Contivity uses PFS for all or none of

the sessions [IPsec SAs] over a branch office connection.)

• DES-only and 3DES-only encryption options (without integrity transforms)

• Routing/broadcast traffic in clear text

Contivity VPN Switch Features Not Supported by BayRS

BayRS does not support the following Contivity features:

• Certificates/public key infrastructure

• Delete payload for IKE SA sent when terminating IKE SAs

• IPsec transport mode

• AH IPsec protocol

• Vendor ID disable/enable (vendor ID is always enabled and not configurable

on BayRS)

• Routing information protocol inside an IPsec tunnel (proprietary)

1 2 ... 98 99 100 101 102 103 104 105 106 107 108 ... 121 122

Sin comentarios

Avaya Configuring IPsec Services Manual de usuario Pagina 103