D-Link DSR-250 Cli Reference Manual page 73
Hide thumbs
Also See for DSR-250:
- User manual (233 pages) ,
- Quick installation manual (33 pages) ,
- Reference manual (129 pages)
Table of Contents
Advertisement
Unified Services Router
Sl No
Command Name
auto_phase1_key_l
31
ength
auto_phase1_auth_
32
algorithm
auto_phase1_auth_
33
method
auto_phase1_pre_s
34
hared_key
auto_phase1_dh_gr
35
oup
auto_phase1_sa_li
36
fetime
auto_phase1_enabl
37
e_dead_peer_detec
tion
auto_phase1_detec
38
tion_period
auto_phase1_recon
39
nect_failure_coun
t
auto_phase1_exten
40
ded_authenticatio
n
Description
BLOWFISH and CAST128 are variable
length algorithms, and so the key length
field is required when using either of
these encryption types. For
BLOWFISH, the Key Length must be
between 40 and 448 and it must be a
multiple of 8. For CAST128, the Key
Length must be between 40 and 128
and it must be a multiple of 8
Specify the authentication algorithm for
the VPN header. There are many
algorithms
Select Pre-shared key for a simple
password based key. Selecting RSA-
Signature will disable the pre-shared
key text box and uses the Active Self
Certificate uploaded in the Certificates
page. In that case, a certificate must be
configureD
alpha-numeric key to be shared with
IKE peer
The Diffie-Hellman algorithm is used
when exchanging keys. The DH Group
sets the strength of the algorithm in
bits.
the interval after which the Security
Association becomes invalid.
Dead Peer Detection is used to detect
whether the Peer is alive or not. If peer
is detected as Dead, it deletes the IPs
Detection Period is the interval between
consecutive DPD R-U-THERE
messages. DPD R-U-THERE
messages are sent only when
Maximum number of DPD failures
allowed before tearing down the
connection.
Rather than configuring a unique VPN
policy for each user, you can enable the
VPN gateway router to authenticate
users from a stored list of user
accounts or with an external
authentication server such as a
RADIUS server. When connecting
many VPN clients to a VPN gateway
router, XAUTH allows authentication of
users with methods in addition to the
71
CLI Reference Guide
Type and Description
Unsigned integer
Specify the authentication
algorithm for the VPN header.
Algorithms supported by this
router:
MD5/SHA-1/SHA2-256/SHA2-
384/SHA2-512)
Pre-shared key/RSA Signature
(Pre-shared-Key/RSA-Signature)
String,
alpha-numeric key to be shared
with IKE peer
(None/Group1/Group2/Group5/Gro
up14/Group15/Group16/Group17/
Group18)
Unsigned integer,
Boolean (Y/N)
Unsigned integer,
Detection period interval
Unsigned integer,
Dpd failure count
Extebded Authentication
(NONE/IPSec Host/Edge Device)
Hide quick links:
Advertisement
Table of Contents
