1. Manuals
  2. Brands
  3. Netopia Manuals
  4. Network Router
  5. CLI 874
  6. Cli reference manual

Netopia CLI 874 Cli Reference Manual page 174

Firmware version 8.7.4
Hide thumbs
Table of Contents

Advertisement

3-30 Command Line Interface Commands Reference
cp { name | index } ipsec ip
[remote
[members {a.b.c.d | a.b.c.d/n | a.b.c.d e.f.g.h | a.b.c.d-e.f.g.h}]
[tep a.b.c.d] ]
[local
[members {a.b.c.d | a.b.c.d/n | a.b.c.d e.f.g.h | a.b.c.d-e.f.g.h}]
[tep a.b.c.d] ]
[via a.b.c.d]
show cp { name | index } ipsec ip
cp { name | index } ipsec sa lifetime { seconds | kbytes } { non-negative-integer | none }
show cp { name | index } ipsec sa lifetime [ { seconds | kbytes } ]
no cp { name | index } ipsec sa lifetime [ { seconds | kbytes } ]
cp { name | index } ipsec dead-peer-detection { yes | no }
show cp { name | index } ipsec dead-peer-detection
no cp { name | index } ipsec dead-peer-detection
These commands set, display, or disable the status of dead peer detection for the specified IPsec Phase 2
profile. Dead peer detection counts the outbound packets on a tunnel. If 256 packets go out without a single
packet coming in, the tunnel SAs are expired and a rekey is started. Rekeying is first attempted on the previous
Phase 1 SA. If the Phase 1 request times out, then the Phase 1 SA is expired and Phase 1 rekeying is begun
over again.
cp { name | index } ipsec dead-peer-detection ping-address remote_net_IPv4_address
show cp { name | index } ipsec dead-peer-detection ping-address
Note:
These commands are supported beginning with firmware version 8.2
These commands allow you to specify or show what IP destination host address is used to verify whether or not
peer is dead. The IP address must belong to a tunnel's remote network (which can be configured as a subnet,
an address range, or an individual host in the IP options menu). The subnet remote network case also disallows
the host part of the address to be all ones or all zeroes. For example, it is not permitted to set the address to
163.176.0.0 or 163.176.255.255 in a class B network.
cp { name | index } ipsec dead-peer-detection ping-retry 1..65535
show cp { name | index } ipsec dead-peer-detection ping-retry
Note:
These commands are supported beginning with firmware version 8.2
These commands allow you to specify or show the retry interval between successive pings (in seconds).
Default is 5 seconds.
IKE/IPSec Connection Profile Commands

Advertisement

Table of Contents
loading

Related Manuals for Netopia CLI 874

Related Products for Netopia CLI 874

This manual is also suitable for:

Netopia ent series

Table of Contents