ESR series service routers.ESR-Series. User manual
•
•
•
Step Description Command Keys
32 Create IPsec VPN policy and switch to
its configuration mode.
esr(config)# security ipsec vpn
<NAME>
<NAME> – VPN name, set by
the string of up to 31
characters.
33 Define the matching mode of data
required for VPN enabling.
esr(config-ipsec-vpn)# mode
<MODE>
<MODE> – VPN operation
mode.
34 Bind IPsec policy to IPsec VPN. esr(config-ipsec-vpn)# ike ipsec-
policy <NAME>
<NAME> – IPsec policy name,
set by the string of up to 31
characters.
35 Set the DSCP value for the use in IP
headers of IKE outgoing packets
(optional).
esr(config-ipsec-vpn)# ike dscp
<DSCP>
<DSCP> – DSCP code value,
takes values in the range of
[0..63].
Default value: 63.
36 Set VPN activation mode. esr(config-ipsec-vpn)# ike
establish-tunnel <MODE>
<MODE> – VPN activation
mode:
by-request – connection
is enabled by an
opposing party;
route – connection is
enabled when there is
traffic routed to the
tunnel;
immediate – tunnel is
enabled automatically
after applying the
configuration.
37 Bind IKE gateway to IPsec VPN. esr(config-ipsec-vpn)# ike
gateway <NAME>
<NAME> – IKE gateway name,
set by the string of up to 31
characters.
38 Set the time interval value in seconds
after which the connection is closed, if
no packet has been received or sent via
SA (optional).
esr(config-ipsec-vpn)# ike idle-
time <TIME>
<TIME> – interval in seconds,
takes values of [4..86400].
39 Disable key re-approval before the IKE
connection is lost due to the timeout,
the number of transmitted packets or
bytes (optional).
esr(config-ipsec-vpn)# ike rekey
disable
To Next Page
Loading...