ESR series service routers.ESR-Series. User manual
Step Description Command Keys
36 Configuration config-ipsec-proposal esr(config)# security ipsec
policy <NAME>
<NAME> – IPsec policy name, set
by the string of up to 31
characters.
37 Bind the policy to profile. esr(config-ipsec-policy)#
proposal <NAME>
<NAME> – IPsec protocol profile
name, set by the string of up to
31 characters.
38 Specify the lifetime of IPsec tunnel
(optional).
esr(config-ipsec-policy)#
lifetime { seconds <SEC> |
packets <PACKETS> | kilobytes
<KB> }
<SEC> – IPsec tunnel lifetime
after which the re-approval is
carried out.
Takes values in the range of
[1140..86400] seconds.
Default value: 540
<PACKETS> – number of packets
after transmitting of which the
IPsec tunnel re-approval is
carried out.
Takes values in the range of
[4..86400].
Default value: disabled.
<KB> – traffic amount after
transmitting of which the IPsec
tunnel re-approval is carried out.
Takes values in the range of
[4..86400] seconds.
Default value: disabled.
39 Create IPsec VPN policy and switch to
its configuration mode.
esr(config)# security ipsec vpn
<NAME>
<NAME> – VPN name, set by the
string of up to 31 characters.
40 Define the matching mode of data
required for VPN enabling.
esr(config-ipsec-vpn)# mode
<MODE>
<MODE> – VPN operation mode,
takes the following values: ike,
manual.
41 Bind IPsec policy to VPN. esr(config-ipsec-vpn)#ike ipsec-
policy <NAME>
<NAME> – IPsec policy name, set
by the string of up to 31
characters.
42 Set the DSCP value for the use in IP
headers of IKE outgoing packets
(optional).
esr(config-ipsec-vpn)#ike dscp
<DSCP>
<DSCP> – DSCP code value,
takes values in the range of
[0..63].
Default value: 63
To Next Page
Loading...