The following displays an example of a static lan-to-lan configuration using cert-auth:
interface "VPRN1" tunnel create
7450 ESS System Mangement Guide
sap tunnel-1.private:1 create
ipsec-tunnel "Sanity-1" create
security-policy 1
local-gateway-address 30.1.1.13 peer 50.1.1.15 delivery-service 300
dynamic-keying
ike-policy 1
pre-shared-key "Sanity-1"
transform 1
cert
trust-anchor "R1-0"
cert "M2cert.der"
key "M2key.der"
exit
exit
no shutdown
exit
exit
exit
Security
Page 79