Configure Virtual Private Networking (VPN) IPsec parameters
Digi TransPort WR Routers User Guide 445
SA Removal Mode
Determines how IPsec and IKE SAs are removed.
• Normal operation will not delete the IKE SA when all the IPsec SAs that were created by it are
removed and will not remove IPsec SAs when the IKE SA that created them is deleted.
• Remove IKE SA when last IPSec SA removed deletes the IKE SA when all the IPsec SAs that
it created to a particular peer are removed.
• Remove IPSec SAs when IKE SA removed deletes all IPSec SAs that have been created by
the IKE SA that has been removed.
• Both removes IPSec SAs when their IKE SA is deleted, and delete IKE SAs when their IPSec
SAs are removed.
Delete SAs when invalid SPI notifications are received
Deletes IKE SAs when the router receives invalid SPI notifications.
Related CLI commands
Entity Instance Parameter Values Equivalent web parameter
ike 0 inactto 0-255 Stop IKE negotiation if no packet
received for n seconds
ike 0 natt on, off Enable NAT-Traversal
ike 0 initialcontact on, off Send INITIAL-CONTACT notifications
ike 0 respltime on, off Send RESPONDER-LIFETIME
notifications
ike 0 keepph1 on, off Retain phase 1 SA after failed phase 2
negotiation
ike 0 privrsakey Filename RSA private key file
ike 0 delmode 0=Normal
1=Remove IKE SA when last
IPsec SA removed
2=Remove IPsec SAs when
IKE SA remove
3=Both
SA Removal Mode
To Next Page
Loading...
