Virtual Private Routed Network Services
7750 SR OS Services Guide Page 1425
dynamic-keying
Syntax [no] dynamic-keying
Context config>service>vprn>ipsec-interface>sap>tunnel
Description This command enables dynamic keying for the IPsec tunnel.
Default none
auto-establish
Syntax [no] auto-establish
Context config>service>vprn>ipsec-interface>sap>tunnel
Description This command specifies whether to attempt to establish a phase 1 exchange automatically.
The no form of the command disables the automatic attempts to establish a phase 1 exchange.
Default no auto-establish
transform
Syntax transform transform-id [transform-id...(up to 4 max)]
no transform
Context config>service>vprn>ipsec-interface>sap>tunnel>dynamic-keying
Description This command associates the IPSec transform sets allowed for this tunnel. A maximum of four
transforms can be specified. The transforms are listed in decreasing order of preference (the first one
specified is the most preferred).
Default none
Parameters transform-id — Specifies the value used for transforms for dynamic keying.
Values 1 — 2048
local-gateway-address
Syntax local-gateway-address ip-address peer ip-address delivery-service service-id
no local-gateway-address
Context config>service>vprn>ipsec-interface>sap>tunnel
Description This command specifies the local gateway address used for the tunnel and the address of the remote
security gateway at the other end of the tunnelremote peer IP address to use.
Default The base routing context is used if the delivery-router option is not specified.
To Next Page
Loading...
