Table of Contents
Advertisement
Chart I-5
IPSec Commands
COMMAND
spd
switch
<on|off>
swSkipOverl
<on|off>
ap
timer
chk_input
chk_my_ip
chk_conn.
update_peer
updatePeerI
p
display
<rule #>
Command Interpreter I-13
DESCRIPTION
When a dynamic rule accepts a request
and a tunnel is established, a runtime SPD
is created according to the peer's local IP
address. This command displays these
runtime SPDs.
As long as there is one active IPSec rule,
all packets will go into the IPSec process to
check against the SPD. When this switch is
turned on packets will not be put through
the IPSec process, even if there are active
IPSec rules.
Turn this on to have the device allow rules
with overlapping source and destination IP
addresses.
Sets the timer for checking if the WAN IP in
the menu has changed. The interval is in
seconds (10 default) and 0 is not a valid
value.
Sets the idle timeout for IPSec
connections. The system disconnects an
IPSec connection with no traffic for the
timeout period. The interval is in minutes (2
default) and 0 means the connection never
times out.
Sets the auto-timer for updating IPSec
rules that use a domain name as the
secure gateway IP address. The interval is
in minutes (30 default) and 0 means it
never updates.
Forces the system to immediately update
IPSec rules which use a domain name as
the secure gateway IP address.
Displays the specified IPSec rule.
Contivity 251 VPN Switch User's Guide
Advertisement
Table of Contents
