Step Description Command Keys
23 Specify the time period of response to
DPD mechanism messages
(optionally).
esr(config-ike-gw)# dead-peer-
detection timeout <SEC>
<SEC> – time interval of
response to DPD mechanism
messages, takes values of
[1..180] seconds.
Default value: 30 seconds
24 Bind VTI tunnel to IKE gateway. esr(config-ike-gw)# bind-interface
vti <VTI>
<VTI> – VTI ID.
25 Create IPsec profile. esr(config)# security ipsec
proposal <NAME>
<NAME> – IPsec protocol
profile name, set by the string
of up to 31 characters.
26 Specify IPsec authentication algorithm
(optionally)
esr(config-ipsec-proposal)#
authentication algorithm
<ALGORITHM>
<ALGORITHM> –
authentication algorithm, takes
values of: md5, sha1, sha2-256,
sha2‑384, sha2-512.
Default value: sha1
27 Specify IPsec encryption algorithm
(optionally)
esr(config-ipsec-proposal)#
encryption algorithm
<ALGORITHM>
<ALGORITHM> – encryption
protocol, takes the following
values: des, 3des, blowfish128,
blowfish192, blowfish256,
aes128, aes192, aes256,
aes128ctr, aes192ctr,
aes256ctr, camellia128,
camellia192, camellia256.
Default value: 3des
28 Specify encapsulation protocol for
IPsec (optionally).
esr(config-ipsec-proposal)#
protocol <PROTOCOL>
<PROTOCOL> – encapsulation
protocol, takes the following
values:
Default value: esp
29 Create an IPsec policy and switch to its
configuration mode.
esr(config)# security ipsec policy
<NAME>
<NAME> – IPsec policy name,
set by the string of up to 31
characters.
30 Bind IPsec profile to IPsec policy. esr(config-ipsec-policy)# proposal
<NAME>
<NAME> – IPsec protocol
profile name, set by the string
of up to 31 characters.
To Next Page
Loading...
