Home » D-Link Manuals » Networking » D-Link DFL-800 » Manual Viewer

D-Link DFL-800 CLI Guide - Page 104

Certificate or Pre-shared key. Default: PSK

UPC - 790069282133

Add to My Manuals
Save this manual to your list of manuals

Page 104 highlights

3.24.5. IPSecTunnel Chapter 3. Configuration Reference Name Equivalent Members Comments Specifies a symbolic name for the interface. (Identifier) Specifies if the interfaces should be considered security equivalent, that means that if enabled the interface group can be used as a destination interface in rules where connections might need to be moved between the two interfaces. (Default: No) Specifies the interfaces that are included in the interface group. Text describing the current object. (Optional) 3.24.5. IPSecTunnel Description An IPsec tunnel item is used to define IPsec endpoint and will appear as a logical interface in the system. Properties Index Name LocalNetwork RemoteNetwork RemoteEndpoint IKEConfigModePool IKEAlgorithms IPSecAlgorithms IKELifeTimeSeconds IPSecLifeTimeSeconds IPSecLifeTimeKilobytes EncapsulationMode AuthMethod PSK The index of the object, starting at 1. (Identifier) Specifies a symbolic name for the interface. The network on "this side" of the IPsec tunnel. The IPsec tunnel will be established between this network and the remote network. The network connected to the remote gateway. The IPsec tunnel will be established between the local network and this network. Specifies the IP address of the remote endpoint. This is the address the security gateway will establish the IPsec tunnel to. It also dictates from where inbound IPsec tunnels are allowed. (Optional) Selects IKE Config Mode Pool to use for the tunnel. (Optional) Specifies the IKE Proposal list used with the tunnel. Specifies the IPsec Proposal list used with the tunnel. The lifetime of the IKE connection in seconds. Whenever it expires, a new phase-1 exchange will be performed. (Default: 28800) The lifetime of the IPsec connection in seconds. Whenever it's exceeded, a re-key will be initiated, providing new IPsec encryption and authentication session keys. (Default: 3600) The lifetime of the IPsec connection in kilobytes. (Default: 0) Specifies if the IPsec tunnel should use Tunnel or Transport mode. (Default: Tunnel) Certificate or Pre-shared key. (Default: PSK) Selects the Pre-shared key to use with this IPsec Tunnel. 104

Section	Page
CLI Reference Guide	3
Table of Contents	4
Preface	9
Chapter 1. Introduction	11
1.1. Running a command	11
1.2. Help	12
1.2.1. Help for commands	12
1.2.2. Help for object types	12
1.3. Function keys	13
1.4. Command line history	14
1.5. Tab completion	15
1.5.1. Inline help	15
1.5.2. Autocompleting current value and default value	15
1.5.3. Configuration object type categories	16
1.6. User roles	17
Chapter 2. Command Reference	19
2.1. Configuration	19
2.1.1. activate	19
2.1.2. add	19
2.1.3. cancel	20
2.1.4. cc	20
2.1.5. commit	21
2.1.6. copy	22
2.1.7. delete	22
2.1.8. pskgen	23
2.1.9. reject	24
2.1.10. reset	25
2.1.11. set	25
2.1.12. show	26
2.1.13. undelete	28
2.2. Runtime	30
2.2.1. about	30
2.2.2. alarm	30
2.2.3. arp	30
2.2.4. arpsnoop	31
2.2.5. ats	32
2.2.6. bigpond	32
2.2.7. blacklist	33
2.2.8. buffers	34
2.2.9. cam	34
2.2.10. certcache	35
2.2.11. cfglog	35
2.2.12. connections	35
2.2.13. cpuid	36
2.2.14. crashdump	37
2.2.15. customlog	37
2.2.16. dconsole	37
2.2.17. dhcp	38
2.2.18. dhcprelay	38
2.2.19. dhcpserver	39
2.2.20. dns	40
2.2.21. dnsbl	40
2.2.22. dynroute	41
2.2.23. frags	41
2.2.24. ha	42
2.2.25. httpposter	42
2.2.26. hwaccel	43
2.2.27. ifstat	43
2.2.28. igmp	44
2.2.29. ikesnoop	44
2.2.30. ippool	45
2.2.31. ipsecglobalstats	46
2.2.32. ipseckeepalive	46
2.2.33. ipsecstats	46
2.2.34. killsa	47
2.2.35. license	47
2.2.36. linkmon	48
2.2.37. lockdown	48
2.2.38. logout	49
2.2.39. memory	49
2.2.40. natpool	49
2.2.41. ospf	50
2.2.42. pipes	51
2.2.43. reconfigure	52
2.2.44. routemon	52
2.2.45. routes	52
2.2.46. rules	53
2.2.47. sessionmanager	54
2.2.48. shutdown	55
2.2.49. sipalg	56
2.2.50. sshserver	57
2.2.51. stats	58
2.2.52. time	58
2.2.53. updatecenter	59
2.2.54. urlcache	59
2.2.55. userauth	60
2.2.56. vlan	61
2.2.57. vpnstats	61
2.2.58. zonedefense	61
2.3. Utility	62
2.3.1. ping	62
2.4. Misc	63
2.4.1. help	63
2.4.2. history	63
Chapter 3. Configuration Reference	65
3.1. Access	66
3.2. Address	68
3.2.1. AddressFolder	68
3.2.1.1. EthernetAddress	68
3.2.1.2. EthernetAddressGroup	68
3.2.1.3. IP4Address	69
3.2.1.4. IP4Group	69
3.2.1.5. IP4HAAddress	70
3.2.2. EthernetAddress	70
3.2.3. EthernetAddressGroup	70
3.2.4. IP4Address	70
3.2.5. IP4Group	70
3.2.6. IP4HAAddress	70
3.3. AdvancedScheduleProfile	71
3.3.1. AdvancedScheduleOccurrence	71
3.4. ALG	72
3.4.1. ALG_FTP	72
3.4.2. ALG_H323	73
3.4.3. ALG_HTTP	73
3.4.3.1. ALG_HTTP_URL	74
3.4.4. ALG_POP3	74
3.4.5. ALG_SIP	75
3.4.6. ALG_TFTP	75
3.5. ARP	77
3.6. BlacklistWhiteHost	78
3.7. Certificate	79
3.8. Client	80
3.8.1. DynDnsClientCjbNet	80
3.8.2. DynDnsClientDLink	80
3.8.3. DynDnsClientDLinkChina	80
3.8.4. DynDnsClientDyndnsOrg	81
3.8.5. DynDnsClientDynsCx	81
3.8.6. DynDnsClientPeanutHull	82
3.8.7. LoginClientBigPond	82
3.9. COMPortDevice	83
3.10. ConfigModePool	84
3.11. DateTime	85
3.12. Device	86
3.13. DHCPRelay	87
3.14. DHCPServer	88
3.14.1. DHCPServerPoolStaticHost	88
3.14.2. DHCPServerCustomOption	89
3.15. DNS	90
3.16. Driver	91
3.16.1. IXP4NPEEthernetDriver	91
3.16.2. MarvellEthernetPCIDriver	91
3.16.3. R8139EthernetPCIDriver	91
3.17. DynamicRoutingRule	92
3.17.1. DynamicRoutingRuleExportOSPF	92
3.17.2. DynamicRoutingRuleAddRoute	93
3.18. EthernetDevice	95
3.19. HighAvailability	96
3.20. HTTPPoster	97
3.21. IDList	98
3.21.1. ID	98
3.22. IDPRule	99
3.22.1. IDPRuleAction	99
3.23. IKEAlgorithms	101
3.24. Interface	102
3.24.1. DefaultInterface	102
3.24.2. Ethernet	102
3.24.3. GRETunnel	103
3.24.4. InterfaceGroup	103
3.24.5. IPSecTunnel	104
3.24.6. L2TPClient	106
3.24.7. L2TPServer	107
3.24.8. PPPoETunnel	108
3.24.9. VLAN	109
3.25. IPPool	111
3.26. IPRule	112
3.27. IPRuleFolder	114
3.27.1. IPRule	114
3.28. IPSecAlgorithms	115
3.29. LDAPServer	116
3.30. LocalUserDatabase	117
3.30.1. User	117
3.31. LogReceiver	118
3.31.1. EventReceiverSNMP2c	118
3.31.1.1. LogReceiverMessageException	118
3.31.2. LogReceiverMemory	118
3.31.3. LogReceiverSMTP	119
3.31.4. LogReceiverSyslog	119
3.31.4.1. LogReceiverMessageException	120
3.32. NATPool	121
3.33. OSPFProcess	122
3.33.1. OSPFArea	123
3.33.1.1. OSPFInterface	123
3.33.1.2. OSPFNeighbor	124
3.33.1.3. OSPFAggregate	125
3.33.1.4. OSPFVLink	125
3.34. Pipe	126
3.35. PipeRule	129
3.36. PSK	130
3.37. RadiusServer	131
3.38. RemoteManagement	132
3.38.1. RemoteMgmtHTTP	132
3.38.2. RemoteMgmtSNMP	132
3.38.3. RemoteMgmtSSH	132
3.39. RoutingRule	134
3.40. RoutingTable	135
3.40.1. Route	135
3.40.2. SwitchRoute	136
3.41. ScheduleProfile	137
3.42. Service	138
3.42.1. ServiceGroup	138
3.42.2. ServiceICMP	138
3.42.3. ServiceIPProto	139
3.42.4. ServiceTCPUDP	139
3.43. Settings	141
3.43.1. ARPTableSettings	141
3.43.2. ConnTimeoutSettings	141
3.43.3. DHCPRelaySettings	142
3.43.4. DHCPServerSettings	143
3.43.5. FragSettings	143
3.43.6. ICMPSettings	144
3.43.7. IPSecTunnelSettings	144
3.43.8. IPSettings	145
3.43.9. L2TPServerSettings	146
3.43.10. LengthLimSettings	147
3.43.11. LocalReassSettings	147
3.43.12. LogSettings	148
3.43.13. MiscSettings	148
3.43.14. RemoteMgmtSettings	148
3.43.15. RoutingSettings	149
3.43.16. SSLSettings	150
3.43.17. StateSettings	151
3.43.18. TCPSettings	152
3.43.19. VLANSettings	153
3.44. SSHClientKey	154
3.45. ThresholdRule	155
3.45.1. ThresholdAction	155
3.46. UpdateCenter	157
3.47. UserAuthRule	158
3.48. ZoneDefenseBlock	160
3.49. ZoneDefenseExcludeList	161
3.50. ZoneDefenseSwitch	162
Index	164
Commands	164

Match case Limit results 1 per page

Name

Specifies a symbolic name for the interface. (Identifier)

Equivalent

Specifies if the interfaces should be considered security equivalent, that means

that if enabled the interface group can be used as a destination interface in rules

where connections might need to be moved between the two interfaces. (Default:

No)

Members

Specifies the interfaces that are included in the interface group.

Comments

Text describing the current object. (Optional)

3.24.5. IPSecTunnel

Description

An IPsec tunnel item is used to define IPsec endpoint and will appear as a logical interface in the

system.

Properties

Index

The index of the object, starting at 1. (Identifier)

Name

Specifies a symbolic name for the interface.

LocalNetwork

The network on "this side" of the IPsec tunnel. The IPsec tun-

nel will be established between this network and the remote

network.

RemoteNetwork

The network connected to the remote gateway. The IPsec tun-

nel will be established between the local network and this net-

work.

RemoteEndpoint

Specifies the IP address of the remote endpoint. This is the

address the security gateway will establish the IPsec tunnel

to. It also dictates from where inbound IPsec tunnels are al-

lowed. (Optional)

IKEConfigModePool

Selects

IKE

Config

Mode

Pool

use

for

the

tunnel.

(Optional)

IKEAlgorithms

Specifies the IKE Proposal list used with the tunnel.

IPSecAlgorithms

Specifies the IPsec Proposal list used with the tunnel.

IKELifeTimeSeconds

The lifetime of the IKE connection in seconds. Whenever it

expires, a new phase-1 exchange will be performed. (Default:

28800)

IPSecLifeTimeSeconds

The lifetime of the IPsec connection in seconds. Whenever

it's exceeded, a re-key will be initiated, providing new IPsec

encryption and authentication session keys. (Default: 3600)

IPSecLifeTimeKilobytes

The lifetime of the IPsec connection in kilobytes. (Default: 0)

EncapsulationMode

Specifies if the IPsec tunnel should use Tunnel or Transport

mode. (Default: Tunnel)

AuthMethod

Certificate or Pre-shared key. (Default: PSK)

PSK

Selects the Pre-shared key to use with this IPsec Tunnel.

3.24.5. IPSecTunnel

Chapter 3. Configuration Reference

104