D-Link DFL-260E CLI Guide for DFL-260E - Page 126
Transport mode. Default: Tunnel
View all D-Link DFL-260E manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 126 highlights
3.28.5. IPsecTunnel LocalNetwork RemoteNetwork RemoteEndpoint IKEAlgorithms IPsecAlgorithms IKELifeTimeSeconds IPsecLifeTimeSeconds IPsecLifeTimeKilobytes EncapsulationMode AuthMethod PSK LocalIDType LocalIDValue GatewayCertificate RootCertificates IDList DHCPOverIPsec AddRouteToRemoteNet PlaintextMTU OriginatorIPType Chapter 3. Configuration Reference The network on "this side" of the IPsec tunnel. The IPsec tunnel will be established between this network and the remote network. The network connected to the remote gateway. The IPsec tunnel will be established between the local network and this network. Specifies the IP address of the remote endpoint. This is the address the security gateway will establish the IPsec tunnel to. It also dictates from where inbound IPsec tunnels are allowed. (Optional) Specifies the IKE Proposal list used with the tunnel. Specifies the IPsec Proposal list used with the tunnel. The lifetime of the IKE connection in seconds. Whenever it expires, a new phase-1 exchange will be performed. (Default: 28800) The lifetime of the IPsec connection in seconds. Whenever it's exceeded, a re-key will be initiated, providing new IPsec encryption and authentication session keys. (Default: 3600) The lifetime of the IPsec connection in kilobytes. (Default: 0) Specifies if the IPsec tunnel should use Tunnel or Transport mode. (Default: Tunnel) Certificate or Pre-shared key. Selects the Pre-shared key to use with this IPsec Tunnel. Selects the type of Local ID to use. (Default: Auto) Specify the local identity of the tunnel ID. Selects the certificate the security gateway uses to authenticate itself to the other IPsec peer. Selects one or more root certificates to use with this IPsec Tunnel. Selects the identification list to use with this IPsec Tunnel. An identification list is a list of the identities that are allowed to establish a IPsec tunnel. (Optional) Allow DHCP over IPsec from single-host clients. (Default: No) Dynamically add route to the remote networks when a tunnel is established. (Default: No) Specifies the size in bytes at which to fragment plaintext packets (rather than fragmenting IPsec). (Default: 1420) Specifies what IP address to use as source IP in e.g. 126