ESR series service routers.ESR-Series. User manual
Step Description Command Keys
38 Configure the start of IKE connection
keys re-approval before the expiration
of the lifetime (optional).
esr(config-ipsec-vpn)# ike rekey
margin { seconds <SEC> |
packets <PACKETS> | kilobytes
<KB> }
<SEC> – time interval in
seconds remaining before the
connection release (set by the
lifetimeseconds command).
Takes values in the range of
[4..86400].
<PACKETS> – number of
packets remaining before the
connection release (set by the
lifetimepackets command).
Takes values in the range of
[4..86400].
<KB> – traffic volume in
kilobytes remaining before the
connection release (set by the
lifetimekilobytes command).
Takes values in the range of
[4..86400].
39 Set the level of margin seconds, margin
packets, margin kilobytes values
random spread (optional).
esr(config-ipsec-vpn)# ike rekey
randomization <VALUE>
<VALUE> – maximum ratio of
values spread, takes values of
[1..100].
40 Describe VPN (optional). esr(config-ipsec-vpn)# description
<DESCRIPTION>
<DESCRIPTION> – profile
description, set by the string of
up to 255 characters.
41 Enable IPsec VPN. esr(config-ipsec-vpn)# enable
9.4.4 Policy-based IPsec VPN configuration example
Objective:
Configure IPsec tunnel between R1 and R2.
R1 IP address – 198.51.100.1;
R2 IP address – 203.0.113.1.
To Next Page
Loading...