DeadPeerDetection Enable Dead Peer Detection. (Default: Yes)
NATTraversal Enable or disable NAT traversal. (Default:
OnIfNeeded)
AutoEstablish Negotiate tunnel directly after reconfigureation.
(Default: No)
Metric Specifies the metric for the auto-created route.
(Default: 90)
AutoInterfaceNetworkRoute Automatically add a route for this interface using
the given remote network. (Default: Yes)
IKEIPsecPerIKELimit Specifies the maximum number of IPsec SAs one
IKE SA is allowed to create. (Default: 0)
IKEMaxIPsecPerIKELimitViolations Specifies how many times the IPsec per IKE SA limit
can be exceeded before action is taken and the IKE
is removed. (Default: 0)
IKEDSField Specifies the value of the Differentiated Services
Field of the IP header in IKE packets. (Default: 0)
IPsecDSField Specifies the value of the Differentiated Services
Field of the outer IP header of IPsec packets in
tunnel mode. If unspecified, the value of the inner
IP header will be used instead. (Optional)
LocalEndpoint Specifies on which local address this tunnel should
accept incoming IKE/IPsec traffic. (Optional)
SourceInterface Specifies which interface this tunnel should use for
IKE/IPsec traffic. (Default: any)
OutgoingRoutingTable Specifies which routing table this tunnel should
use for IKE/IPsec traffic. (Default: main)
EAP Enables EAP Authentication. (Default: No)
RequestEAPID Send an EAP identity request to client. This allows
the client to use different identities for the IKE and
EAP negotiation. (Default: Yes)
SNMPIndex Interface index assigned by the system when
persistent interface indexes are enabled. (Default:
0)
MemberOfRoutingTable All or Specific. (Default: All)
RoutingTable Specifies the PBR table to insert the interface IP
route into. It also means that the specified routing
table will be used for all routing lookups, unless
overridden by a PBR rule. (Default: main)
Comments Text describing the current object. (Optional)
Chapter 3: Configuration Reference
221
To Next Page
Loading...
