Virtual Private Networks (VPN) IPsec
Digi Connect IT® 4 User Guide
334
g. Set the port matching criteria for the remote traffic selector:
(config vpn ipsec tunnel ipsec_example policy 0)> remote port value
(config vpn ipsec tunnel ipsec_example policy 0)>
where value is the port number, a range of port numbers, or the keyword any.
h. Set the protocol matching criteria for the remote traffic selector:
(config vpn ipsec tunnel ipsec_example policy 0)> remote protocol value
(config vpn ipsec tunnel ipsec_example policy 0)>
where value is one of:
n any: Matches any protocol.
n tcp: Matches TCP protocol only.
n udp: Matches UDP protocol only.
n icmp: Matches ICMP requests only.
n other: Matches an unlisted protocol.
If other is used, set the number of the protocol:
(config vpn ipsec tunnel ipsec_example policy 0)> remote protocol_
other int
(config vpn ipsec tunnel ipsec_example policy 0)>
Allowed values are an integer between 1 and 255.
19. (Optional) You can also configure various IPsec related time out, keep alive, and related values:
a. Change to the root of the configuration schema:
(config vpn ipsec tunnel ipsec_example policy 0)> ...
(config)>
b. Use the ? to determine available options:
(config)> vpn ipsec advanced ?
Advanced: Advanced configuration that applies to all IPsec tunnels.
Parameters Current Value
-----------------------------------------------------------------------
-------
debug none Debug level
ike_fragment_size 1280 Maximum IKE fragment size
ike_retransmit_tries 5 IKE retransmit tries
keep_alive 40s NAT keep alive time
Additional Configuration
-----------------------------------------------------------------------
--------
connection_retry_timeout Connection retry timeout
connection_try_interval Connection try interval
ike_timeout IKE timeout
To Next Page
Loading...
