CLI configuration
ipsec phase2
288
Example
Use the following command to edit an IPSec VPN phase 1 configuration with the
following characteristics:
•
Phase 1 configuration name: Simple_GW
•
Remote peer address type: Dynamic
•
Encryption and authentication proposal: des-md5
•
Authentication method: psk
•
Pre-shared key: Qf2p3O93jIj2bz7E
•
Mode: aggressive
•
Dead Peer Detection: enable
•
Long idle: 1000
•
Short idle: 150
•
Retry count: 5
•
Retry interval: 30
config vpn ipsec phase1
edit Simple_GW
set Type dynamic
set proposal des-md5
set authmethod psk
set psksecret Qf2p3O93jIj2bz7E
set mode aggressive
set dpd enable
set dpd-idlecleanup 1000
set dpd-idleworry 150
set dpd-retrycount 5
set dpd-retryinterval 30
end
Use the config vpn ipsec phase2 CLI command to add or edit an IPSec VPN
phase 2 configuration.
Command syntax pattern
config vpn ipsec phase2
edit <name_str>
set <keyword> <variable>
end
config vpn ipsec phase2
edit <name_str>
unset <keyword>
end
config vpn ipsec phase2
delete <name_str>
end
01-28011-0254-20051115
VPN
Fortinet Inc.