8
340 Nokia Network Voyager for IPSO 4.0 Reference Guide
Putting It All Together
To complete creating an IPSec policy
1. Under the Policies table, enter a name for a new policy in the New Policy text box, then
click Apply.
An Apply Successful message appears and the policy name appears in the Policies table.
2. Click on the policy name in the Policies table.
The IPSec Policy Configuration page for the name appears.
3. Under the Linked Proposals table, from the drop-down list in the Add a Proposal field, select
the name of the proposal to use in this policy.
Assign a priority in the Priority text box, then click Apply.
Repeat this step for every proposal that must be offered to the other peer. The proposals are
offered starting with the lowest priority value (one).
4. Select the authentication method (Pre-Shared Secrets or X.509 Certificates) needed in this
policy, then click Apply.
Note
Only one method can be active at a time.
5. If you chose Pre-Shared Secret, enter the shared secret in the Enter Shared Secret text box.
Enter the secret again, in the Shared Secret (Verify) text box, for verification.
6. Click Apply.
If the secret has been entered correctly the red light of the Secret Status field turns green
after you click Apply.
7. If you chose X.509 Certificates, select the certificate name from the list of device certificates
that identifies this machine.
8. In the Lifetime table, if the default lifetime values are not appropriate, modify them in the
Seconds and Megabytes text boxes.
Note
Lifetimes must be set to the same value between peers when negotiation is initiated. If
they are not set the same, IPSO IPSec might deny the negotiation.
9. In the Diffie-Hellman Groups table, if the default values in the IKE Group and PFS Group
text boxes are not appropriate, modify them, then click Apply.
Note
Each Network Voyager page displays a maximum of 10 policies. If you create more than 10
policies, they are continued on new pages. Access these pages by clicking the link directly