Ipsectunnelsettings; Ipsettings - D-Link NetDefend DFL-210 Cli Reference Manual

3.51.8. IPsecTunnelSettings

3.51.8. IPsecTunnelSettings
Description
Settings for the IPsec tunnel interfaces used for establishing IPsec VPN connections to and from this
system.
Properties
IPsecMaxTunnels
IPsecMaxRules
IKESendInitialContact
IKESendCRLs
IKECRLValidityTime
IKEMaxCAPath
IPsecCertCacheMaxCerts
IPsecBeforeRules
IPsecGWNameCacheTime
DPDMetric
DPDKeepTime
DPDExpireTime

3.51.9. IPSettings

Note
This object type does not have an identifier and is identified by the name of the type
only. There can only be one instance of this type.
Amount of IPsec tunnels allowed (0 = automatic). (Default: 0)
Amount of IPsec rules allowed (0 = automatic). (Default: 0)
Send 'initial contact' messages. (Default: Yes)
Send CRLs in the IKE exchange. (Default: Yes)
Maximum number of seconds a CRL is considered valid
(0=obey the 'next update' field in the CRL). (Default: 86400)
Maximum number of CA certificates in a certificate path.
(Default: 15)
Maximum number of entries in the certificate cache. (Default:
1024)
Pass IKE & IPsec (ESP/AH) traffic sent to the security gate-
way directly to the IPsec engine without consulting the ruleset.
(Default: Yes)
Amount of time to keep an IPsec tunnel open when the remote
DNS name fails to resolve. (Default: 14400)
Metric 10s of seconds with no traffic or other evidence of life
in tunnel before SA is removed. (Default: 3)
Number 10s of seconds a SA will remain in dead cache after a
delete. DPD will not trigger if peer already is cached as dead.
(Default: 2)
Number of seconds that DPD-R-U-THERE messages will be
sent. (Default: 15)
Note
This object type does not have an identifier and is identified by the name of the type
only. There can only be one instance of this type.
Chapter 3. Configuration Reference
171