•
•
•
Step Description Command Keys
29 Specify the lifetime of IPsec tunnel
(optionally).
esr(config-ipsec-policy)# lifetime
{ seconds <SEC> |
packets <PACKETS> | kilobytes
<KB> }
<SEC> – IPsec tunnel lifetime
after which the re-approval is
carried out. Takes values in the
range of [1140..86400]
seconds.
<PACKETS> – number of
packets after transmitting of
which the IPsec tunnel re-
approval is carried out. Takes
values in the range of
[4..86400].
<KB> – traffic amount after
transmitting of which the IPsec
tunnel re-approval is carried
out. Takes values in the range
of [4..86400] seconds.
30 Create IPsec VPN policy and switch to
its configuration mode.
esr(config)# security ipsecvpn
<NAME>
<NAME> – VPN name, set by
the string of up to 31
characters.
31 Define the matching mode of data
required for VPN enabling.
esr(config-ipsec-vpn)# mode
<MODE>
<MODE> – VPN operation
mode.
32 Bind IPsec policy to VPN. esr(config-ipsec-vpn)#ike ipsec-
policy <NAME>
<NAME> – IPsec policy name,
set by the string of up to 31
characters.
33 Set the DSCP value for the use in IP
headers of IKE outgoing packets
(optionally).
esr(config-ipsec-vpn)#ike dscp
<DSCP>
<DSCP> – DSCP code value,
takes values in the range of
[0..63].
34 Set VPN activation mode. esr(config-ipsec-vpn)#ike
establish-tunnel <MODE>
<MODE> – VPN activation
mode:
by-request – connection
is enabled by an
opposing party;
route – connection is
enabled when there is
traffic routed to the
tunnel;
immediate – tunnel is
enabled automatically
after applying the
configuration.
To Next Page
Loading...
Need help?
General
