Add_workflow_for_techpubs AUTH2 pmuthu AUTH1 ksatya REV5 ssekhar REV6 kvenkatraman REV3 sekumar REV1 pmotagi
Panel | ||||
---|---|---|---|---|
In this section:
|
The Sonus Lawful Intercept (LI) solution supports the following:
...
...
...
...
Click Create. A circular progress bar is displayed against the Master Configurator node. It requires minimum of six minutes to load the master configuration.
Caption | ||||
---|---|---|---|---|
| ||||
When the Master Configurator node is loaded, the Open Editor button is displayed next to the Master Configurator node.
Caption | ||||
---|---|---|---|---|
| ||||
...
...
Under Network Mgmnt, click Cluster / VNF Management. The Cluster/VNF Management window is displayed.
...
Create cluster. For more information, see Creating an SBC SWe Cluster.
...
Click Configurations tab.
...
Click New Configuration. The New Configuration pane is displayed.
Caption | ||||
---|---|---|---|---|
| ||||
...
Select the version of the configuration from the Version drop-down menu.
...
Select an SBC Configurator instance from the Master Configurator drop-down menu.
This node is used to create the configuration. The SBC Configurator nodes are displayed based on the version selected. Only unlocked SBC Configurator nodes are listed.
Enter a name for the configuration in the Configuration Name field. The SBC configuration name can contain only letters, numbers, dashes (-), apostrophes ('), underscores (_), colons (:) and spaces.
Note |
---|
The cluster ID is set as the default name for the first configuration. You can modify the name. The name must be unique. The subsequent configurations are named with a combination of cluster name and some unique identifying information. The default name varies based on how the configuration is created. |
This page describes how to configure IPsec support.
Excerpt Include | ||||||
---|---|---|---|---|---|---|
|
In the SBC Configuration Manager window:
Click IKE Protection Profile > New IKE Protection Profile.
...
Caption | ||||
---|---|---|---|---|
| ||||
The Create New IKE
...
Protection Profile window is displayed.
...
Type the profile Name, SA Lifetime Time, and DPD Interval. Choose the appropriate option in PFS Required.
Caption | ||||
---|---|---|---|---|
| ||||
Use the following table to configure the profile and click Save.
Caption | ||||||
---|---|---|---|---|---|---|
| ||||||
|
...
|
...
|
...
|
...
In the SBC Configuration Manager window:
Click IKE Protection Profile > New IKE Protection Profile > Algorithms.
...
The Algorithms window is displayed.
Choose the
...
name of your IKE protection profile in IKE Protection Profile.
Caption | ||||
---|---|---|---|---|
| ||||
Use the following table to configure algorithm parameters for the profile and click Save.
Caption | ||||
---|---|---|---|---|
| ||||
|
...
|
...
|
...
|
...
|
...
...
This object creates an entry in the IKE Peer Database (IPD). The IPD is a list of remote devices that may become
...
IPsec peers. The IPD establishes the authentication and other phase 1 criteria for the peer-to-peer negotiation to eventually reach an IKE Security Association (SA) between this specific peer and the SBC.
...
In the SBC Configuration Manager window:
Choose an address context to which you want to add the peer from the Address Context list and click New Peer. The Create New Peer window opens
...
.
Caption | |||
---|---|---|---|
|
...
| |
The Create New Peer window is displayed.
Caption | ||||
---|---|---|---|---|
| ||||
Use the following table to configure the peer and click Save.
Caption | ||||
---|---|---|---|---|
| ||||
|
Parameter | Description |
---|---|
Name | Specifies the name of the peer you are configuring. |
IP Address V4 or V6 | Specifies the 32-bit IP address of the |
...
peer. | |
Protocol | The SPD traffic selector IP |
...
protocol. Valid values for this parameter are:
| |
Pre Shared Key | Specifies the Pre-shared secret with this peer. The Pre Shared Key can be one of the following:
In either case the given value represents a pre-shared secret between the |
Spacevars | ||
---|---|---|
|
SBC and the IKE peer. This value is used for mutual authentication for phase 1 negotiation to set up an IKE Security association.
|
...
| |
Protection | The name of the IKE protection profile to be applied to the Key management protocol exchange with the peer. |
Local Identity |
...
Specifies the local identity |
...
that SBC asserts to the peer during phase 1 authentication. |
...
Note |
---|
The |
In Address Context drop-down menu, choose the Peer. The Peer List is displayed.
Caption | ||||
---|---|---|---|---|
| ||||
Click the radio button adjacent to Peer name.
Caption | ||||
---|---|---|---|---|
| ||||
...
Modify the relevant parameters, and click Save.
Caption | ||||
---|---|---|---|---|
| ||||
Click the radio button adjacent to the Peer. Click Copy Peer.
Caption | ||||
---|---|---|---|---|
| ||||
...
Type the relevant parameters, and click Save.
Caption | ||||
---|---|---|---|---|
| ||||
...
Select a Type of identifier in the drop-down list and then provide the specific value in the adjacent entry field. Option are:
Note: The IP VxAddr option is not used at this time. |
...
Click the radio button adjacent to the Peer. Click Delete.
Caption | ||||
---|---|---|---|---|
| ||||
A delete confirmation message appears. Click Yes.
Caption | ||||
---|---|---|---|---|
| ||||
The object specifies the local identity type that
Spacevars | ||
---|---|---|
|
...
On the navigation pane, choose Address Context > IPsec > Peer > Local Identity. The Local Identity window is displayed.
Caption | ||||
---|---|---|---|---|
| ||||
...
In Address Context drop-down menu, choose the Local Identity.
...
IN Peer drop-down menu, choose the Peer.
...
This object specifies the remote IKE identity that is authorized to be negotiated with during phase I negotiation.
In the SBC Configuration Manager window:
Select a Type of identifier in the drop-down list and then provide the specific value in the adjacent entry field. Option are:
...
Click Save.
Caption | |
---|---|
|
...
|
...
|
...
...
Parameter | Description | ||||
---|---|---|---|---|---|
ipV6Addr <ipAddress> | This parameter specifies that the local identity will be presented in IPv6 address hexadecimal/colon format, taking as its value the IP address of the
|
Note |
---|
The |
The object specifies the remote Identity that
Spacevars | ||
---|---|---|
|
...
On the navigation pane, choose Address Context > IPsec > Peer > Remote Identity. The Remote Identity window is displayed.
Caption | ||||
---|---|---|---|---|
| ||||
...
In Address Context drop-down menu, choose the Remote Identity.
...
IN Peer drop-down menu, choose the Peer.
...
This object is an IPsec Security Policy Database (SPD) entry. The IPsec SPD is an ordered list of entries ("rules") that specify sets of packets and determine whether or not to permit, deny, or protect packets between the SBC and the peer that is referenced from the entry. If the packets are to be protected, this entry references information that specifies how to protect them. The
...
Caption | ||||||
---|---|---|---|---|---|---|
| ||||||
|
...
SPD establishes the phase 2 criteria for the negotiation between the SBC and the IKE peer. The successful completion of this negotiation results in a Security Association (SA).
...
In the SBC Configuration Manager window:
Click All > Address Context > IPsec > SPD. The SPD window is displayed.
...
Choose an address context to which you want to add the SPD from the Address Context list. The Create New SPD window opens.
Caption | ||||
---|---|---|---|---|
| ||||
Use the following table to configure the SPD and click Save.
Caption | ||||
---|---|---|---|---|
| ||||
|
...
Length/Range
|
...
|
...
Spacevars | ||
---|---|---|
|
...
|
...
|
...
|
...
|
...
|
...
|
...
|
...
|
...
|
...
|
...
|
...
|
...
|
...
|
...
N/A
|
...
|
...
|
...
|
...
|
...
|
...
|
...
|
...
|
...
Local Ip Addr Var
...
N/A
...
Specifies the local IPv4 or IPv6 address of the SPD traffic selector.
|
On the navigation pane, choose Address Context > IPsec > SPD. The SPD window is displayed.
Caption | ||||
---|---|---|---|---|
| ||||
In Address Context drop-down menu, choose the appropriate address context to view the SPD.
Click the radio button adjacent to SPD name.
Caption | ||||
---|---|---|---|---|
| ||||
The Edit Selected SPD window is displayed.
Modify the relevant parameters, and click Save.
Caption | ||||
---|---|---|---|---|
| ||||
Click the radio button adjacent to SPD name. Click Copy SDP.
Caption | ||||
---|---|---|---|---|
| ||||
|
...
Type the relevant parameters, and click Save.
Caption | ||||
---|---|---|---|---|
| ||||
...
Click the radio button adjacent to the SPD. Click Delete.
Caption | ||||
---|---|---|---|---|
| ||||
A delete confirmation message appears. Click Yes.
...
0 | Figure |
---|---|
1 | Deleting SPD Prompt |
...
Pagebreak |
---|