15: Command Reference
SLC™ 8000 Advanced Console Manager User Guide
Description
Configures settings for an IPsec VPN tunnel.
Parameters
set vpn <parameters>
name <VPN Tunnel Name>
ethport <1|2>
auth <rsa|psk>
auth <rsa|psk|x509>
remotehost <Remote Host IP Address or Name>
remoteid <Authentication Name>
remotehop <IP Address>
remotesubnet <one or more subnets in CIDR notation>
localid <Authentication name>
localhop <IP Address>
localsubnet <one or more subnets in CIDR notation>
ikenegotation <main|aggressive>
ikeenc <any|3des|aes>
ikeauth <any|sha1|md5|sha2_256|sha2_512>
ikedhgroup <any|dh2|dh5|dh14|dh15>
espec <any|3des|aes>
espauth <any|sha1|md5|sha2_256|sha2_512>
espdhgroup <any|dh2|dh5|dh14|dh15>
pfs <enable|disable>
lifetime <SA Lifetime in Seconds>
modeconfig <enable|disable>
xauthclient <enable|disable>
xauthlogin <User Login>
remotepeertype <ietf|cisco>
forceencaps <enable|disable>
deadpeerdelay <disable|1-300 seconds>
deadpeertimeout <5-1200 seconds>
deadpeeraction <restart|hold|clear>
Enter RSA public key or Pre-Shared Key of remote host:
set vpn key
Configure X.509 certificate for remote peer or local peer.
set vpn certificate local via <sftp|scp> rootfile <Cert Authority File>
    certfile <Certificate File> keyfile <Private Key File>
    host <IP Address or Name> login <User Login> [path <Path to Files>]
set vpn certificate remote via <sftp|scp> [rootfile <Cert Authority File>]
    certfile <Certificate File> host <IP Address or Name>
    login <User Login> [path <Path to Files>]
Delete X.509 certificate for local and/or remote peer.
set vpn certificate delete
Enter XAUTH password:
set vpn xauthpassword
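
The following is an added example, not part of the Lantronix guide: a small Python check that reads a set vpn command line and reports legacy or unrestricted choices among the algorithm parameters listed above. It assumes parameters are given as name/value pairs on one line, uses the parameter names exactly as this page spells them, and treats "any" as unrestricted (the page does not define it); the tunnel name and addresses are constructed.

```python
import shlex

# Values from the page's parameter list that this example treats as weak.
# Treating "any" as weak is an assumption: the page does not define it.
WEAK = {
    "ikeenc": {"3des", "any"}, "espec": {"3des", "any"},
    "ikeauth": {"md5", "sha1", "any"}, "espauth": {"md5", "sha1", "any"},
    "ikedhgroup": {"dh2", "dh5", "any"}, "espdhgroup": {"dh2", "dh5", "any"},
    "pfs": {"disable"},
}

def parse_set_vpn(command):
    """Split 'set vpn name value ...' into a dict of parameter -> value."""
    tokens = shlex.split(command)
    if tokens[:2] != ["set", "vpn"]:
        raise ValueError("not a 'set vpn' command")
    args = tokens[2:]
    if len(args) % 2:
        raise ValueError("parameter without a value: " + args[-1])
    return dict(zip(args[0::2], args[1::2]))

def audit(command):
    """Return a sorted list of findings for one 'set vpn' command line."""
    params = parse_set_vpn(command)
    findings = [
        f"{name} {value}: legacy or unrestricted choice"
        for name, value in params.items()
        if value.lower() in WEAK.get(name, ())
    ]
    # IKEv1 aggressive mode sends a PSK-derived hash unencrypted, so a
    # captured exchange allows offline guessing of a weak pre-shared key.
    if (params.get("ikenegotation") == "aggressive"
            and params.get("auth") == "psk"):
        findings.append("ikenegotation aggressive with auth psk")
    return sorted(findings)

# Constructed sample commands (tunnel name and addresses are made up).
WEAK_CMD = ("set vpn name branch1 auth psk remotehost 192.0.2.10 "
            "ikenegotation aggressive ikeenc 3des ikeauth md5 "
            "ikedhgroup dh2 espec any espauth sha1 pfs disable")
HARDENED_CMD = ("set vpn name branch1 auth x509 remotehost 192.0.2.10 "
                "ikenegotation main ikeenc aes ikeauth sha2_256 "
                "ikedhgroup dh14 espec aes espauth sha2_256 "
                "espdhgroup dh14 pfs enable")

if __name__ == "__main__":
    for cmd in (WEAK_CMD, HARDENED_CMD):
        print(audit(cmd) or "no weak settings found")
```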