D-Link NetDefend DFL-210 Cli Reference Manual page 123

Network security firewall ver. 1.03

Hide thumbs Also See for NetDefend DFL-210:

User manual (495 pages)

Log reference manual (476 pages)

Cli reference manual (213 pages)

Table Of Contents

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

130

131

132

133

134

135

136

137

138

139

140

141

142

143

144

145

146

147

148

149

150

151

152

153

154

155

156

157

158

159

160

161

162

163

164

165

166

167

168

169

170

171

172

173

174

175

176

177

178

179

180

181

182

183

184

185

186

187

188

189

190

191

192

193

194

page of 194

/ 194
Contents
Table of Contents
Bookmarks

Table of Contents

3.28.5. IPsecTunnel

IPsecLifeTimeSeconds

IPsecLifeTimeKilobytes

EncapsulationMode

AuthMethod

PSK

LocalIDType

LocalIDValue

GatewayCertificate

RootCertificates

IDList

XAuth

XAuthUsername

XAuthPassword

DHCPOverIPsec

AddRouteToRemoteNet

PlaintextMTU

OriginatorIPType

OriginatorIP

OriginatorHAIP

IKEMode

DHGroup

PFS

PFSDHGroup

The lifetime of the IPsec connection in seconds. Whenever

it's exceeded, a re-key will be initiated, providing new IPsec

encryption and authentication session keys. (Default: 3600)

The lifetime of the IPsec connection in kilobytes. (Default: 0)

Specifies if the IPsec tunnel should use Tunnel or Transport

mode. (Default: Tunnel)

Certificate or Pre-shared key. (Default: PSK)

Selects the Pre-shared key to use with this IPsec Tunnel.

Selects the type of Local ID to use. (Default: Auto)

Specify the local identity of the tunnel ID.

Selects the certificate the security gateway uses to authentic-

ate itself to the other IPsec peer.

Selects one or more root certificates to use with this IPsec

Tunnel.

Selects the identification list to use with this IPsec Tunnel. An

identification list is a list of the identities that are allowed to

establish a IPsec tunnel. (Optional)

Off, Required for inbound or Pass to peer gateway. (Default:

Off)

Specifies the username to pass to the remote gateway vie IKE

XAuth.

Specifies the password to pass to the remote gateway vie IKE

XAuth.

Allow DHCP over IPsec from single-host clients. (Default:

No)

Dynamically add route to the remote networks when a tunnel

is established. (Default: No)

Specifies the size in bytes at which to fragment plaintext

packets (rather than fragmenting IPsec). (Default: 1420)

Specifies what IP address to use as source IP in e.g. NAT.

(Default: LocalInterface)

Manually specified originator IP address to use as source IP

in e.g. NAT.

Manually specified private originator IP address for use in

HA. (Optional)

Specifies which IKE mode to use: main or aggressive.

(Default: Main)

Specifies the Diffie-Hellman group to use when doing key ex-

changes in IKE. (Default: 2)

Specifies whether PFS should be used or not. (Default: None)

Specifies which Diffie-Hellman group to use with PFS.

(Default: 2)

123

Chapter 3. Configuration Reference

Table of Contents

This manual is also suitable for:

Dfl-800 Netdefend dfl-860 Dfl-1600 Netdefend dfl-2500 Netdefend dfl-260 Netdefend dfl-800 ... Show all

D-Link NetDefend DFL-210 Cli Reference Manual page 123

Related Manuals for D-Link NetDefend DFL-210

Related Products for D-Link NetDefend DFL-210

This manual is also suitable for:

Table of Contents