•
•
•
•
•
•
Step Description Command Keys
7 Create an IKE profile policy and switch
to its configuration mode.
esr(config)# security ike policy
<NAME>
<NAME> – IKE policy name, set
by the string of up to 31
characters.
8 Specify the lifetime of IKE protocol
connection (optionally).
esr(config-ike-proposal)# lifetime
seconds <SEC>
<SEC> – time interval, takes
values of [4..86400] seconds.
9 Bind the policy to profile. esr(config-ike-policy)# proposal
<NAME>
<NAME> – IKE protocol name,
set by the string of up to 31
characters.
10 Specify authentication key. esr(config-ike-policy)#pre-shared-
key ascii-text<TEXT>
<TEXT> – string [1..64] ASCII
characters.
11 Create an IKE gateway and switch to its
configuration mode.
esr(config)# security ike gateway
<NAME>
<NAME> – IKE protocol
gateway name, set by the string
of up to 31 characters.
12 Bind IKE policy. esr(config-ike-gw)# ike-policy
<NAME>
<NAME> – IKE protocol policy
name, set by the string of up to
31 characters.
13 Specify IKE version (optionally). esr(config-ike-gw)# version
<VERSION>
<version> – IKE protocol
version: v1-only or v2-only.
14 Set the mode of traffic redirection into
the tunnel.
esr(config-ike-gw)#mode<MODE> <MODE> – mode of traffic
redirection into the tunnel,
takes the following values:
policy-based — traffic is
redirected based on the
subnets specified in the
policies;
route-based — traffic is
redirected based on
routes whose gateway is
a tunnel interface.
15 Specify the action for DPD (optionally). esr(config-ike-gw)# dead-peer-
detection action <MODE>
<MODE> – DPD operation
mode:
restart – connection
restarts;
clear – conection stops;
hold – connection holds;
none – the mechanism is
disabled, no action is
taken.
To Next Page
Loading...
