SBC 1000/2000 4.1.x : Working with IPsec


The SBC supports two methods of peer authentication for each connection name entry in the connection table: digital certificate/PKI-based authentication, and pre-shared key. IPsec allows the branch office SBC to reside behind the corporate firewall by means of VPN tunneling. IPsec tunneling is also an enabling technology for the 3G/4G Branch Survivability feature.

Note: The IPsec feature is implemented as a means of establishing IPsec tunnels in support of the Branch Survivability feature. IPsec tunneling is NOT a stand-alone feature at this time.


The diagram depicts a VPN connection(IPsec tunnel) between the local and remote subnets as site-to-site tunneling on SBC gateways. Traffic between the trusted subnet networks is tunneled to fully encapsulate the packets on its way across an untrusted network, protected by both encryption and authentication.


Managing IPsec Tunnels
Configuring a Site to Site IPsec between the SBC Gateways
Viewing IPsec Statistics


ipsec_block.png (image/png)