Table of Contents
Advertisement
Virtual Private Networks (VPN)
c. Set the number of seconds between transmissions of dead peer packets. Dead peer
packets are only sent when the tunnel is idle. The default is 60.
(config)> vpn ipsec tunnel ipsec_example dpd delay value
(config)>
d. Set the number of seconds to wait for a response from a dead peer packet before
assuming the tunnel has failed. The default is 90.
(config)> vpn ipsec tunnel ipsec_example dpd timeout value
(config)>
17. (Optional) Create a list of destination networks that require source NAT:
a. Add a destination network:
(config)> add vpn ipsec tunnel ipsec_example nat end
(config vpn ipsec tunnel ipsec_example nat 0)>
b. Set the IPv4 address and optional netmask of a destination network that requires source
NAT. You can also use any, meaning that any destination network connected to the tunnel
will use source NAT.
(config vpn ipsec tunnel ipsec_example nat 0)> dst value
(config vpn ipsec tunnel ipsec_example nat 0)>
18. Configure policies that define the network traffic that will be encapsulated by this tunnel:
a. Change to the root of the configuration schema:
(config vpn ipsec tunnel ipsec_example nat 0)> ...
(config)>
b. Add a policy:
(config)> add vpn ipsec tunnel ipsec_example policy end
(config vpn ipsec tunnel ipsec_example policy 0)>
c. Set the type of local traffic selector:
(config vpn ipsec tunnel ipsec_example policy 0)> local type value
(config vpn ipsec tunnel ipsec_example policy 0)>
where value is one of:
n
IX40 User Guide
address: The address of a local network interface.
Set the address:
i. Use the ?to determine available interfaces:
ii. Set the interface. For example:
(config vpn ipsec tunnel ipsec_example policy 0)> local address eth1
(config vpn ipsec tunnel ipsec_example policy 0)>
IPsec
378
Advertisement
Table of Contents
