ESR series service routers.ESR-Series. User manual
•
•
•
Step Description Command Keys
43 Set VPN activation mode. esr(config-ipsec-vpn)#ike
establish-tunnel <MODE>
<MODE> – VPN activation mode:
by-request – connection
is activated by the
opposite side, available for
the server;
route – the connection is
activated when traffic
routed to the tunnel
appears; it is available for
the server;
immediate – tunnel is
enabled automatically
after applying the
configuration, it is
available for the client;
44 Bind IKE gateway to VPN. esr(config-ipsec-vpn)# ike
gateway <NAME>
<NAME> – IKE gateway name,
set by the string of up to 31
characters.
45 Set the time interval value in seconds
after which the connection is closed, if
no packet has been received or sent
via SA (optional).
esr(config-ipsec-vpn)# ike idle-
time <TIME>
<TIME> – interval in seconds,
takes values of [4..86400].
Default value: 0
46 Disable key re-approval before the IKE
connection is lost due to the timeout,
the number of transmitted packets or
bytes (optional).
esr(config-ipsec-vpn)# ike rekey
disable
Default value: disabled.
47 Configure the start of IKE connection
keys re-approval before the expiration
of the lifetime (optional).
esr(config-ipsec-vpn)# ike rekey
margin { seconds <SEC> |
packets <PACKETS> | kilobytes
<KB> }
<SEC> – time interval in seconds
remaining before the connection
release (set by the
lifetimeseconds command).
Takes values in the range of
[4..86400].
Default value: 540
<PACKETS> – number of packets
remaining before the connection
release (set by the
lifetimepackets command).
Takes values in the range of
[4..86400].
Default value: disabled.
<KB> – traffic volume in kilobytes
remaining before the connection
release (set by the
lifetimekilobytes command). May
take values [4..86400]
Default value: disabled.
To Next Page
Loading...