ESR series service routers.ESR-Series. User manual
•
•
•
•
•
•
Step Description Command Keys
8 Specify the lifetime of IKE protocol
connection (optional).
esr(config-ike-proposal)# lifetime
seconds <SEC>
<SEC> – time interval, takes
values of [4..86400] seconds.
9 Bind the policy to profile. esr(config-ike-policy)# proposal
<NAME>
<NAME> – IKE protocol name,
set by the string of up to 31
characters.
10 Specify authentication key. esr(config-ike-policy)#pre-shared-
key ascii-text<TEXT>
<TEXT> – string [1..64] ASCII
characters.
11 Create an IKE gateway and switch to its
configuration mode.
esr(config)# security ike gateway
<NAME>
<NAME> – IKE protocol
gateway name, set by the string
of up to 31 characters.
12 Bind IKE policy. esr(config-ike-gw)# ike-policy
<NAME>
<NAME> – IKE protocol policy
name, set by the string of up to
31 characters.
13 Specify IKE version (optional). esr(config-ike-gw)# version
<VERSION>
<version> – IKE protocol
version: v1-only or v2-only.
14 Set the mode of traffic redirection into
the tunnel.
esr(config-ike-gw)#mode<MODE> <MODE> – mode of traffic
redirection into the tunnel,
takes the following values:
policy-based — traffic is
redirected based on the
subnets specified in the
policies;
route-based — traffic is
redirected based on
routes whose gateway is
a tunnel interface.
15 Specify the action for DPD (optional). esr(config-ike-gw)# dead-peer-
detection action <MODE>
<MODE> – DPD operation
mode:
restart – connection
restarts;
clear – conection stops;
hold – connection holds;
none – the mechanism
is disabled, no action is
taken.
16 Specify the interval between sending
messages via DPD mechanism
(optional).
esr(config-ike-gw)#dead-peer-
detection interval <SEC>
<SEC> – interval between
sending messages via DPD
mechanism, takes values of
[1..180] seconds.
To Next Page
Loading...
