Chapter 33 IPSec VPN
ZyWALL Series CLI Reference Guide
278
The following sections list the IPSec VPN commands.
33.2.1 IPv4 IKEv1 SA Commands
This table lists the commands for IKE SAs (VPN gateways).
sort_order
Sort the list of currently connected SAs by one of the following classifications.
algorithm
encapsulation
inbound
name
outbound
policy
timeout
uptime
auth_method
The name of the authentication profile.
Table 146 Input Values for IPSec VPN Commands (continued)
LABEL DESCRIPTION
Table 147 isakmp Commands: IKE SAs
COMMAND DESCRIPTION
[no] crypto boost-tcp
Enhances TCP throughput traffic performance. This
command must be applied on both local Zyxel Device
and peer Zyxel Device.
The
no command disables this feature.
show crypto boost-tcp
Displays if TCP throughput traffic performance is
enhanced or not.
show isakmp keepalive
Displays the Dead Peer Detection period.
show isakmp policy [policy_name]
Shows the specified IKE SA or all IKE SAs.
[no] isakmp policy policy_name
Creates the specified IKE SA if necessary and enters sub-
command mode. The
no command deletes the
specified IKE SA.
activate
deactivate
Activates or deactivates the specified IKE SA.
authentication {pre-share | rsa-sig
| user-base-psk }
Specifies whether to use a pre-shared key, a certificate,
or a user-based pre-shared key for authentication.
certificate certificate-name
Sets the certificate that can be used for authentication.
[no] dpd
Enables Dead Peer Detection (DPD). The no command
disables DPD.
dpd-interval <15..60>
Sets the Dead Peer Detection (DPD) period.
[no] fall-back
Set this to have the Zyxel Device reconnect to the
primary address when it becomes available again and
stop using the secondary connection, if the connection
to the primary address goes down and the Zyxel Device
changes to using the secondary connection.
Users will lose their VPN connection briefly while the Zyxel
Device changes back to the primary connection. To use
this, the peer device at the secondary address cannot
be set to use a nailed-up VPN connection.
To Next Page
Loading...
