Chapter 6 Configuring branch office tunnels 131Nortel VPN Router Configuration — Basic FeaturesConfiguring a tunnel connectionTo configure a connection:1 On the Profiles > Branch Office window, select the button next to theconnection name and click on Configure. The Connection Configurationwindow appears.2 Select the Tunnel Type for the connection from the list. The default type isIPsec. Click the drop-down list and select either IPsec, PPTP, or L2TP.If you change the tunnel type, the fields in the Authentication portion of thiswindow change to reflect the different configuration requirements for theselected tunnel type.3 Select the Connection Type from the list that you want this branch office touse.• Peer to peer connection type is the traditional branch office tunnel, whereeither side can initiate traffic.• Initiator, where with asynchronous branch office tunnels (ABOT), oneside must be configured as the initiator and the other as the responder.Only the Initiator can bring up the tunnel. When the connection type is setto initiator, there is no need to define a local endpoint. You should onlyconfigure an IPsec tunnel type. IPsec authentication requires an initiatorID. Asynchronous branch office tunnels work only on public interfaces.• Responder, where neither local or remote endpoints are required. Youmust configure IPsec authentication to specify the same initiator ID as inthe associated initiator branch office tunnel.4 Click Enable to enable the branch office connection. For security, the EnableBranch Office Connection selection is automatically disabled when youattempt to save an incorrect configuration.5 Select the Endpoints for the initiator and responder connection types.• For the local endpoint address, click on the list and select the address ofthe local Nortel VPN Router (for example, 132.168.2.3).• In the remote endpoint address field, enter the address of the remoteNortel VPN Router (for example, 132.19.2.30) that you want to form theopposite end of the branch office connection. For Initiator connectiontypes, you can enter the DNS host name.