IPsec parameters
Digi TransPort User Guide 398
Use auth authentication on this tunnel
The ESP authentication algorithm to use with this IPsec tunnel. The options are:
• No (None)
•MD5
•SHA1
Use Diffie Hellman group
The Diffie Hellman (DH) group to use when negotiating new IPsec SAs. When used, the IPsec
SA keys cannot be predicted from any of the previous keys generated. The options are
No PFS, 1, 2, or 3. The larger values result in stronger keys, but they take longer to generate.
Use IKE n to negotiate this tunnel
The IKE version to use to negotiate this IPsec tunnel.
Use IKE configuration
The IKE configuration instance to use with this Eroute when the router is configured as an
Initiator.
Bring this tunnel up
Controls how the IPsec tunnel is brought up. The options are:
•All the time
• Whenever a route to the destination is available
• On demand
If the tunnel is down and a packet is ready to be sent
Defines the action that is performed when the IPsec tunnel is down and a packet needs to be
sent. The options are:
• Bring the tunnel up
• Drop the packet
• Send the packet without encryption and authentication
Bring this tunnel down if it is idle for h hrs m mins s secs
Used when the IPsec tunnel is configured to come up on demand and defines how long the
IPsec tunnel should remain up if there is no traffic is being sent on the tunnel.
To Next Page
Loading...
