IPsec parameters
Digi TransPort User Guide 440
Advanced IKEv2 Responder parameters
Stop IKE negotiation if no packet received for n seconds
The period of time, in seconds, after which the router will stop the IKEv2 negotiation when no
response to a negotiation packet has been received.
Enable NAT-Traversal
Enables support for NAT Traversal within IKE/IPsec. When one end of an IPsec tunnel is behind
a NAT box, some form of NAT traversal may be required before the IPsec tunnel can pass
packets. Turning NAT Traversal on enables the IKE protocol to discover whether or not one or
both ends of a tunnel is behind a NAT box, and implements a standard NAT traversal protocol
if NAT is not being performed.
The version of NAT traversal supported is that described in the IETF draft draft-ietf-ipsec-nat-
t-ike-03.txt.
NAT traversal keep-alive interval n seconds
The interval, in seconds, in which the NAT Traversal keepalive packets are sent to a NAT device
in order to prevent NAT table entry from expiring.
RSA private key file
The name of a X.509 certificate file holding the router’s private part of the public/private key
pair used in certificate exchanges. See X.509 Certificates on page 392 for further explanation.
Related CLI commands
Entity Instance Parameter Values Equivalent Web Parameter
ike2 0 inactto 0-255 Stop IKE negotiation if no packet
received for n seconds
ike2 0 natt on, off Enable NAT-Traversal
ike2 0 natkaint Integer NAT traversal keep-alive interval n
seconds
ike2 0 privrsakey Filename RSA private key file
To Next Page
Loading...
