Table of Contents
Advertisement
Virtual Private Networks (VPN)
d. Set the number of seconds to wait for a response from a dead peer packet before
assuming the tunnel has failed. The default is 90.
(config)> vpn ipsec tunnel ipsec_example dpd timeout value
(config)>
17. (Optional) Create a list of destination networks that require source NAT:
a. Add a destination network:
(config)> add vpn ipsec tunnel ipsec_example nat end
(config vpn ipsec tunnel ipsec_example nat 0)>
b. Set the IPv4 address and optional netmask of a destination network that requires source
NAT. You can also use any, meaning that any destination network connected to the tunnel
will use source NAT.
(config vpn ipsec tunnel ipsec_example nat 0)> dst value
(config vpn ipsec tunnel ipsec_example nat 0)>
18. Configure policies that define the network traffic that will be encapsulated by this tunnel:
a. Change to the root of the configuration schema:
(config vpn ipsec tunnel ipsec_example nat 0)> ...
(config)>
b. Add a policy:
(config)> add vpn ipsec tunnel ipsec_example policy end
(config vpn ipsec tunnel ipsec_example policy 0)>
c. Set the type of local network policy:
(config vpn ipsec tunnel ipsec_example policy 0)> local type value
(config vpn ipsec tunnel ipsec_example policy 0)>
where value is one of:
n
TX54 User Guide
address: The address of a local network interface.
Set the address:
i. Use the ? to determine available interfaces:
(config vpn ipsec tunnel ipsec_example policy 0)> local
address ?
Address: The local network interface to use the address of.
This field must be set when 'Type' is set to 'Address'.
Format:
defaultip
defaultlinklocal
lan1
lan_hotspot
loopback
IPsec
310
Advertisement
Table of Contents
