Home » D-Link Manuals » Network Security & Firewall Devices » D-Link DFL-260E » Manual Viewer

D-Link DFL-260E CLI Guide for DFL-260E - Page 126

Transport mode. Default: Tunnel

Add to My Manuals
Save this manual to your list of manuals

Page 126 highlights

3.28.5. IPsecTunnel LocalNetwork RemoteNetwork RemoteEndpoint IKEAlgorithms IPsecAlgorithms IKELifeTimeSeconds IPsecLifeTimeSeconds IPsecLifeTimeKilobytes EncapsulationMode AuthMethod PSK LocalIDType LocalIDValue GatewayCertificate RootCertificates IDList DHCPOverIPsec AddRouteToRemoteNet PlaintextMTU OriginatorIPType Chapter 3. Configuration Reference The network on "this side" of the IPsec tunnel. The IPsec tunnel will be established between this network and the remote network. The network connected to the remote gateway. The IPsec tunnel will be established between the local network and this network. Specifies the IP address of the remote endpoint. This is the address the security gateway will establish the IPsec tunnel to. It also dictates from where inbound IPsec tunnels are allowed. (Optional) Specifies the IKE Proposal list used with the tunnel. Specifies the IPsec Proposal list used with the tunnel. The lifetime of the IKE connection in seconds. Whenever it expires, a new phase-1 exchange will be performed. (Default: 28800) The lifetime of the IPsec connection in seconds. Whenever it's exceeded, a re-key will be initiated, providing new IPsec encryption and authentication session keys. (Default: 3600) The lifetime of the IPsec connection in kilobytes. (Default: 0) Specifies if the IPsec tunnel should use Tunnel or Transport mode. (Default: Tunnel) Certificate or Pre-shared key. Selects the Pre-shared key to use with this IPsec Tunnel. Selects the type of Local ID to use. (Default: Auto) Specify the local identity of the tunnel ID. Selects the certificate the security gateway uses to authenticate itself to the other IPsec peer. Selects one or more root certificates to use with this IPsec Tunnel. Selects the identification list to use with this IPsec Tunnel. An identification list is a list of the identities that are allowed to establish a IPsec tunnel. (Optional) Allow DHCP over IPsec from single-host clients. (Default: No) Dynamically add route to the remote networks when a tunnel is established. (Default: No) Specifies the size in bytes at which to fragment plaintext packets (rather than fragmenting IPsec). (Default: 1420) Specifies what IP address to use as source IP in e.g. 126

Section	Page
CLI Reference Guide	3
Table of Contents	4
Preface	9
Chapter 1. Introduction	11
1.1. Running a command	11
1.2. Help	12
1.2.1. Help for commands	12
1.2.2. Help for object types	12
1.3. Function keys	13
1.4. Command line history	14
1.5. Tab completion	15
1.5.1. Inline help	15
1.5.2. Autocompleting Current and Default value	15
1.5.3. Configuration object type categories	16
1.6. User roles	17
Chapter 2. Command Reference	19
2.1. Configuration	19
2.1.1. activate	19
2.1.2. add	19
2.1.3. cancel	20
2.1.4. cc	21
2.1.5. commit	22
2.1.6. delete	22
2.1.7. pskgen	23
2.1.8. reject	23
2.1.9. reset	25
2.1.10. set	25
2.1.11. show	26
2.1.12. undelete	28
2.2. Runtime	30
2.2.1. about	30
2.2.2. alarm	30
2.2.3. arp	30
2.2.4. arpsnoop	31
2.2.5. ats	32
2.2.6. bigpond	32
2.2.7. blacklist	33
2.2.8. buffers	34
2.2.9. cam	35
2.2.10. cfglog	35
2.2.11. connections	36
2.2.12. cpuid	36
2.2.13. crashdump	37
2.2.14. dhcp	37
2.2.15. dhcprelay	38
2.2.16. dhcpserver	39
2.2.17. dns	39
2.2.18. dnsbl	40
2.2.19. frags	40
2.2.20. ha	41
2.2.21. hostmon	42
2.2.22. httpalg	42
2.2.23. httpposter	43
2.2.24. hwm	43
2.2.25. idppipes	44
2.2.26. ifstat	44
2.2.27. igmp	45
2.2.28. ippool	46
2.2.29. languagefiles	46
2.2.30. ldap	47
2.2.31. license	47
2.2.32. linkmon	48
2.2.33. logout	48
2.2.34. memory	48
2.2.35. natpool	49
2.2.36. nd	49
2.2.37. ndsnoop	50
2.2.38. netobjects	51
2.2.39. pcapdump	51
2.2.40. pipes	53
2.2.41. pptpalg	54
2.2.42. reconfigure	55
2.2.43. routemon	55
2.2.44. routes	55
2.2.45. rules	56
2.2.46. selftest	57
2.2.47. services	59
2.2.48. sessionmanager	60
2.2.49. settings	61
2.2.50. shutdown	61
2.2.51. sipalg	62
2.2.52. sshserver	64
2.2.53. sslvpn	65
2.2.54. stats	65
2.2.55. techsupport	65
2.2.56. time	66
2.2.57. uarules	66
2.2.58. updatecenter	67
2.2.59. userauth	68
2.2.60. vlan	69
2.3. Utility	70
2.3.1. ping	70
2.4. Misc	71
2.4.1. echo	71
2.4.2. help	71
2.4.3. history	72
2.4.4. ls	72
2.4.5. script	73
Chapter 3. Configuration Reference	76
3.1. Access	77
3.2. Address	79
3.2.1. AddressFolder	79
3.2.1.1. IP6Address	79
3.2.1.2. IP6Group	79
3.2.1.3. EthernetAddress	80
3.2.1.4. EthernetAddressGroup	80
3.2.1.5. IP4HAAddress	80
3.2.1.6. IP4Group	81
3.2.1.7. IP4Address	81
3.2.2. EthernetAddress	82
3.2.3. EthernetAddressGroup	82
3.2.4. IP4Address	82
3.2.5. IP4Group	82
3.2.6. IP4HAAddress	82
3.2.7. IP6Address	82
3.2.8. IP6Group	82
3.3. AdvancedScheduleProfile	83
3.3.1. AdvancedScheduleOccurrence	83
3.4. ALG	84
3.4.1. ALG_FTP	84
3.4.2. ALG_H323	85
3.4.3. ALG_HTTP	85
3.4.3.1. ALG_HTTP_URL	86
3.4.4. ALG_POP3	87
3.4.5. ALG_PPTP	88
3.4.6. ALG_SIP	88
3.4.7. ALG_SMTP	89
3.4.7.1. ALG_SMTP_Email	90
3.4.8. ALG_TFTP	91
3.4.9. ALG_TLS	91
3.5. ARPND	92
3.6. BlacklistWhiteHost	93
3.7. Certificate	94
3.8. Client	95
3.8.1. DynDnsClientCjbNet	95
3.8.2. DynDnsClientDLink	95
3.8.3. DynDnsClientDLinkChina	95
3.8.4. DynDnsClientDyndnsOrg	96
3.8.5. DynDnsClientDynsCx	96
3.8.6. DynDnsClientPeanutHull	97
3.8.7. LoginClientBigPond	97
3.9. COMPortDevice	98
3.10. ConfigModePool	99
3.11. DateTime	100
3.12. Device	101
3.13. DHCPRelay	102
3.14. DHCPServer	103
3.14.1. DHCPServerPoolStaticHost	104
3.14.2. DHCPServerCustomOption	104
3.15. DNS	105
3.16. Driver	106
3.16.1. E1000EthernetPCIDriver	106
3.16.2. ixgbeEthernetPCIDriver	106
3.16.3. IXP4NPEEthernetDriver	107
3.16.4. MarvellEthernetPCIDriver	107
3.16.5. NullEthernetDriver	107
3.16.6. PacketEthernetDriver	107
3.16.7. R8139EthernetPCIDriver	108
3.16.8. R8169EthernetPCIDriver	108
3.16.9. SwitchEthernetDriver	108
3.17. EthernetDevice	110
3.18. HighAvailability	111
3.19. HTTPALGBanners	112
3.20. HTTPAuthBanners	113
3.21. HTTPPoster	114
3.22. HWM	115
3.23. IDList	116
3.23.1. ID	116
3.24. IDPRule	117
3.24.1. IDPRuleAction	117
3.25. IGMPRule	119
3.26. IGMPSetting	121
3.27. IKEAlgorithms	122
3.28. Interface	123
3.28.1. DefaultInterface	123
3.28.2. Ethernet	123
3.28.3. GRETunnel	124
3.28.4. InterfaceGroup	125
3.28.5. IPsecTunnel	125
3.28.6. L2TPClient	127
3.28.7. L2TPServer	129
3.28.8. PPPoETunnel	130
3.28.9. SSLVPNInterface	131
3.28.10. VLAN	132
3.29. IPPool	134
3.30. IPRule	135
3.31. IPRuleFolder	137
3.31.1. IPRule	137
3.32. IPsecAlgorithms	138
3.33. LDAPDatabase	140
3.34. LDAPServer	141
3.35. LinkMonitor	142
3.36. LocalUserDatabase	143
3.36.1. User	143
3.37. LogReceiver	144
3.37.1. EventReceiverSNMP2c	144
3.37.1.1. LogReceiverMessageException	144
3.37.2. LogReceiverMemory	145
3.37.2.1. LogReceiverMessageException	145
3.37.3. LogReceiverSMTP	145
3.37.4. LogReceiverSyslog	146
3.37.4.1. LogReceiverMessageException	146
3.38. NATPool	147
3.39. Pipe	148
3.40. PipeRule	151
3.41. PSK	152
3.42. RadiusAccounting	153
3.43. RadiusServer	154
3.44. RemoteIDList	155
3.45. RemoteManagement	156
3.45.1. RemoteMgmtHTTP	156
3.45.2. RemoteMgmtSNMP	156
3.45.3. RemoteMgmtSSH	157
3.46. RouteBalancingInstance	159
3.47. RouteBalancingSpilloverSettings	160
3.48. RoutingRule	161
3.49. RoutingTable	162
3.49.1. Route6	162
3.49.2. Route	163
3.49.2.1. MonitoredHost	164
3.49.3. SwitchRoute	165
3.50. ScheduleProfile	166
3.51. Service	167
3.51.1. ServiceGroup	167
3.51.2. ServiceICMP	167
3.51.3. ServiceICMPv6	168
3.51.4. ServiceIPProto	169
3.51.5. ServiceTCPUDP	170
3.52. Settings	171
3.52.1. ARPNDSettings	171
3.52.2. AuthenticationSettings	172
3.52.3. ConnTimeoutSettings	173
3.52.4. DHCPRelaySettings	173
3.52.5. DHCPServerSettings	174
3.52.6. FragSettings	174
3.52.7. HWMSettings	176
3.52.8. ICMPSettings	176
3.52.9. IPsecTunnelSettings	177
3.52.10. IPSettings	178
3.52.11. L2TPServerSettings	180
3.52.12. LengthLimSettings	181
3.52.13. LocalReassSettings	181
3.52.14. LogSettings	182
3.52.15. MiscSettings	182
3.52.16. MulticastSettings	183
3.52.17. RemoteMgmtSettings	184
3.52.18. RoutingSettings	185
3.52.19. SSLSettings	186
3.52.20. SSLVPNInterfaceSettings	186
3.52.21. StateSettings	187
3.52.22. TCPSettings	187
3.52.23. VLANSettings	189
3.53. SSHClientKey	190
3.54. UpdateCenter	191
3.55. UserAuthRule	192
Index	196
Commands	196

Match case Limit results 1 per page

LocalNetwork

The network on "this side" of the IPsec tunnel. The

IPsec tunnel will be established between this net-

work and the remote network.

RemoteNetwork

The network connected to the remote gateway. The

IPsec tunnel will be established between the local

network and this network.

RemoteEndpoint

Specifies the IP address of the remote endpoint. This

is the address the security gateway will establish the

IPsec tunnel to. It also dictates from where inbound

IPsec tunnels are allowed. (Optional)

IKEAlgorithms

Specifies the IKE Proposal list used with the tunnel.

IPsecAlgorithms

Specifies the IPsec Proposal list used with the tun-

nel.

IKELifeTimeSeconds

The lifetime of the IKE connection in seconds.

Whenever it expires, a new phase-1 exchange will be

performed. (Default: 28800)

IPsecLifeTimeSeconds

The lifetime of the IPsec connection in seconds.

Whenever it's exceeded, a re-key will be initiated,

providing new IPsec encryption and authentication

session keys. (Default: 3600)

IPsecLifeTimeKilobytes

The lifetime of the IPsec connection in kilobytes.

(Default: 0)

EncapsulationMode

Specifies if the IPsec tunnel should use Tunnel or

Transport mode. (Default: Tunnel)

AuthMethod

Certificate or Pre-shared key.

PSK

Selects the Pre-shared key to use with this IPsec

Tunnel.

LocalIDType

Selects the type of Local ID to use. (Default: Auto)

LocalIDValue

Specify the local identity of the tunnel ID.

GatewayCertificate

Selects the certificate the security gateway uses to

authenticate itself to the other IPsec peer.

RootCertificates

Selects one or more root certificates to use with this

IPsec Tunnel.

IDList

Selects the identification list to use with this IPsec

Tunnel. An identification list is a list of the identities

that

are

allowed

establish

IPsec

tunnel.

(Optional)

DHCPOverIPsec

Allow DHCP over IPsec from single-host clients.

(Default: No)

AddRouteToRemoteNet

Dynamically add route to the remote networks when

a tunnel is established. (Default: No)

PlaintextMTU

Specifies the size in bytes at which to fragment

plaintext packets (rather than fragmenting IPsec).

(Default: 1420)

OriginatorIPType

Specifies what IP address to use as source IP in e.g.

3.28.5. IPsecTunnel

Chapter 3. Configuration Reference

126