26: Configuring IPSec
_______________________________________________________________________________________________________
_____________________________________________________________________________________________________
© Virtual Access 2017
GW1000 Series User Manual
Issue: 1.9 Page 238 of 350
Web: DPD Action
UCI: strongswan.@connection[X].dpdaction
Opt: dpdaction
Defines DPD (Dead Peer Detection) action.
Clear down the tunnel if peer does not
respond. Reconnect when traffic brings the
tunnel up.
Clear down the tunnel and bring up as soon
as the peer is available.
Restarts DPD when no activity is detected.
Web: DPD Delay
UCI: strongswan.@connection[X].dpddelay
Opt: dpddelay
Defines the period time interval with which R_U_THERE
messages and INFORMATIONAL exchanges are sent to the peer.
These are only sent if no other traffic is received.
Web: DPD Timeout
UCI:
strongswan.@connection[X].dpdtimeout
Opt: dpdtimeout
Defines the timeout interval, after which all connections to a
peer are deleted in case of inactivity.
Table 79: Information table for IPSec connections settings
26.4.3 Configure secrect settings
Each tunnel requires settings to configure how the local end point of the tunnel proves
its identity to the remote end point.
Figure 123: IPSec secrets settings
Web Field/UCI/Package Option
Web: Enabled
UCI: strongswan.@secret[X].enabled
Opt: enabled
Defines whether this set of credentials is to be used or not.
Web: ID selector
UCI: strongswan.@secret[X].idtype
Opt: idtype
Defines whether IP address or userfqdn is used.
Web: ID selector
UCI: strongswan.@secret[X].localaddress
Opt: localaddress
Defines the local address this secret applies to.
Web: ID selector
UCI: strongswan.@secret[X].
remoteaddress
Opt: remoteaddress
Defines the remote address this secret applies to.
To Next Page
Loading...