•
•
•
Ste
p
Description Command Keys
39 Create IPsec VPN policy and switch to
its configuration mode.
esr(config)# security ipsec vpn
<NAME>
<NAME> – VPN name, set by
the string of up to 31
characters.
40 Define the matching mode of data
required for VPN enabling.
esr(config-ipsec-vpn)# mode
<MODE>
<MODE> – VPN operation
mode, takes the following
values: ike, manual.
41 Bind IPsec policy to VPN. esr(config-ipsec-vpn)#ike ipsec-
policy <NAME>
<NAME> – IPsec policy name,
set by the string of up to 31
characters.
42 Set the DSCP value for the use in IP
headers of IKE outgoing packets
(optionally).
esr(config-ipsec-vpn)#ike dscp
<DSCP>
<DSCP> – DSCP code value,
takes values in the range of
[0..63].
Default value: 63
43 Set VPN activation mode. esr(config-ipsec-vpn)#ike
establish-tunnel <MODE>
<MODE> – VPN activation
mode:
by-request – connection
is activated by the
opposite side, available
for the server;
route – the connection is
activated when traffic
routed to the tunnel
appears; it is available
for the server;
immediate – tunnel is
enabled automatically
after applying the
configuration, it is
available for the client;
44 Bind IKE gateway to VPN. esr(config-ipsec-vpn)# ike
gateway <NAME>
<NAME> – IKE gateway name,
set by the string of up to 31
characters.
45 Set the time interval value in seconds
after which the connection is closed, if
no packet has been received or sent via
SA (optionally).
esr(config-ipsec-vpn)# ike idle-
time <TIME>
<TIME> – interval in seconds,
takes values of [4..86400].
Default value: 0
To Next Page
Loading...
