IPSec SA Lifetime (sec)
[IPsecSATable_Phase2SaLifetimeIn
Sec]
Defines the duration (in seconds) for which the negotiated
IPSec SA (Quick mode) is valid. After this time expires, the
SA is re-negotiated.
The default value is 0 (i.e., unlimited).
Note: For best performance, a value of 3,600 (i.e., one hour)
or more is recommended.
IPSec SA Lifetime (Kbs)
[IPsecSATable_Phase2SaLifetimeIn
KB]
Defines the maximum volume of traffic (in kilobytes) for
which the negotiated IPSec SA (Quick mode) is valid. After
this specified volume is reached, the SA is re-negotiated.
The default value is 0 (i.e., the value is ignored).
Dead Peer Detection Mode
[IPsecSATable_DPDmode]
Defines dead peer detection (DPD), according to RFC 3706.
 [0] DPD Disabled (default)
 [1] DPD Periodic = DPD is enabled with message
exchanges at regular intervals
 [2] DPD on demand = DPD is enabled with on-demand
checks - message exchanges as needed (i.e., before
sending data to the peer). If the liveliness of the peer is
questionable, the device sends a DPD message to query
the status of the peer. If the device has no traffic to send,
it never sends a DPD message.
Note: For more information on DPD, refer to the Product
Reference Manual.
Remote Tunnel Addr
[IPsecSATable_RemoteTunnelAddr
ess]
Defines the IP address of the peer router.
Note: This parameter is applicable only if the Operational
Mode is set to Tunnel.
Remote Subnet Addr
[IPsecSATable_RemoteSubnetIPAd
dress]
Defines the IP address of the remote subnet. Together with
the Prefix Length parameter (below), this parameter defines
the network with which the IPSec tunnel allows
communication.
Note: This parameter is applicable only if the Operational
Mode is set to Tunnel.
Remote Prefix Length
[IPsecSATable_RemoteSubnetPrefi
xLength]
Defines the prefix length of the Remote Subnet IP Address
parameter (in bits). The prefix length defines the subnet
class of the remote network. A prefix length of 16
corresponds to a Class B subnet (255.255.0.0); a prefix
length of 24 corresponds to a Class C subnet
(255.255.255.0).
Note: This parameter is applicable only if the Operational
Mode is set to Tunnel.
Interface Name
[IPsecSATable_InterfaceName]
Assigns a network interface to this IPSec rule. The network
interfaces are defined in the Multiple Interface table
('Interface Name' column) in 'Configuring IP Network
Interfaces' on page 105
13 Media
This section describes the media-related configuration.
To Next Page
Loading...
Need help?
General
