Ipsectunnelsettings - D-Link DFL-260E Reference Manual

3.67. IPsecTunnelSettings

Description
Settings for the IPsec tunnel interfaces used for establishing IPsec VPN connections to and from
this system.
Properties
IPsecMaxTunnels
IPsecMaxRules
IKESendInitialContact
IKESendCRLs
IKECRLValidityTime
IKEMaxCAPath
IPsecCertCacheMaxCerts
IPsecBeforeRules
IPsecGWNameCacheTime
DPDMetric
FlowMetric
IPsecDPDNoWaitWorryTime
DPDKeepTime
DPDExpireTime
IPsecHardwareAcceleration
Chapter 3: Configuration Reference
Amount of IPsec tunnels allowed (0 = automatic).
(Default: 0)
Amount of IPsec rules allowed (0 = automatic).
(Default: 0)
Send 'initial contact' messages. (Default: Yes)
Send CRLs in the IKE exchange. (Default: Yes)
Maximum number of seconds a CRL is considered
valid (0=obey the 'next update' field in the CRL).
(Default: 86400)
Maximum number of CA certificates in a certificate
path. (Default: 15)
Maximum number of entries in the certificate
cache. (Default: 1024)
Pass IKE & IPsec (ESP/AH) traffic sent to the firewall
directly to the IPsec engine without consulting the
ruleset. (Default: Yes)
Amount of time to keep an IPsec tunnel open
when the remote DNS name fails to resolve.
(Default: 14400)
Metric 10s of seconds with no traffic or other
evidence of life in tunnel before SA is removed.
(Default: 3)
Minimum number of seconds without data traffic
in a flow to activate IKE DPD liveness checks from
the corresponding IKE SA. (Default: 15)
Do not wait for 10 times the value of DPD Metric
after the value of Flow Metric has expired without
aliveness sign before activating IKE DPD. (Default:
No)
Number 10s of seconds a SA will remain in dead
cache after a delete. DPD will not trigger if peer
already is cached as dead. (Default: 2)
Number of seconds that DPD-R-U-THERE messages
will be sent. (Default: 15)
IPsec hardware acceleration. (Default: Inline)
222