Home » D-Link Manuals » Networking » D-Link DFL-800 » Manual Viewer

D-Link DFL-800 CLI Guide - Page 105

Enable or disable NAT traversal. Default: OnIfNeeded

UPC - 790069282133

Add to My Manuals
Save this manual to your list of manuals

Page 105 highlights

3.24.5. IPSecTunnel LocalIDType LocalIDValue GatewayCertificate RootCertificates IDList XAuth XAuthUsername XAuthPassword DHCPOverIPSec AddRouteToRemoteNet PlaintextMTU OriginatorIPType OriginatorIP IKEMode DHGroup PFS PFSDHGroup SetupSAPer DeadPeerDetection NATTraversal KeepAlive KeepAliveSourceIP KeepAliveDestinationIP Metric Chapter 3. Configuration Reference Selects the type of Local ID to use. (Default: Auto) Specify the local identity of the tunnel ID. Selects the certificate the security gateway uses to authenticate itself to the other IPsec peer. Selects one or more root certificates to use with this IPsec Tunnel. Selects the identification list to use with this IPsec Tunnel. An identification list is a list of the identities that are allowed to establish a IPsec tunnel. (Optional) Off, Required for inbound or Pass to peer gateway. (Default: Off) Specifies the username to pass to the remote gateway vie IKE XAuth. Specifies the password to pass to the remote gateway vie IKE XAuth. Allow DHCP over IPsec from single-host clients. (Default: No) Dynamically add route to the remote networks when a tunnel is established. (Default: No) Specifies the size in bytes at which to fragment plaintext packets (rather than fragmenting IPsec). (Default: 1424) Specifies what IP address to use as source IP in e.g. NAT. (Default: LocalInterface) Manually specified originator IP address to use as source IP in e.g. NAT. Specifies which IKE mode to use: main or aggressive. (Default: Main) Specifies the Diffie-Hellman group to use when doing key exchanges in IKE. (Default: 2) Specifies whether PFS should be used or not. (Default: None) Specifies which Diffie-Hellman group to use with PFS. (Default: 2) Setup security association per network, host or port. (Default: Net) Enable Dead Peer Detection. (Default: Yes) Enable or disable NAT traversal. (Default: OnIfNeeded) Disabled, Auto or Manual. (Default: Disabled) Source IP address used when sending keep-alive ICMP pings. Destination IP address used when sending keep-alive ICMP pings. Specifies the metric for the auto-created route. (Default: 90) 105

Section	Page
CLI Reference Guide	3
Table of Contents	4
Preface	9
Chapter 1. Introduction	11
1.1. Running a command	11
1.2. Help	12
1.2.1. Help for commands	12
1.2.2. Help for object types	12
1.3. Function keys	13
1.4. Command line history	14
1.5. Tab completion	15
1.5.1. Inline help	15
1.5.2. Autocompleting current value and default value	15
1.5.3. Configuration object type categories	16
1.6. User roles	17
Chapter 2. Command Reference	19
2.1. Configuration	19
2.1.1. activate	19
2.1.2. add	19
2.1.3. cancel	20
2.1.4. cc	20
2.1.5. commit	21
2.1.6. copy	22
2.1.7. delete	22
2.1.8. pskgen	23
2.1.9. reject	24
2.1.10. reset	25
2.1.11. set	25
2.1.12. show	26
2.1.13. undelete	28
2.2. Runtime	30
2.2.1. about	30
2.2.2. alarm	30
2.2.3. arp	30
2.2.4. arpsnoop	31
2.2.5. ats	32
2.2.6. bigpond	32
2.2.7. blacklist	33
2.2.8. buffers	34
2.2.9. cam	34
2.2.10. certcache	35
2.2.11. cfglog	35
2.2.12. connections	35
2.2.13. cpuid	36
2.2.14. crashdump	37
2.2.15. customlog	37
2.2.16. dconsole	37
2.2.17. dhcp	38
2.2.18. dhcprelay	38
2.2.19. dhcpserver	39
2.2.20. dns	40
2.2.21. dnsbl	40
2.2.22. dynroute	41
2.2.23. frags	41
2.2.24. ha	42
2.2.25. httpposter	42
2.2.26. hwaccel	43
2.2.27. ifstat	43
2.2.28. igmp	44
2.2.29. ikesnoop	44
2.2.30. ippool	45
2.2.31. ipsecglobalstats	46
2.2.32. ipseckeepalive	46
2.2.33. ipsecstats	46
2.2.34. killsa	47
2.2.35. license	47
2.2.36. linkmon	48
2.2.37. lockdown	48
2.2.38. logout	49
2.2.39. memory	49
2.2.40. natpool	49
2.2.41. ospf	50
2.2.42. pipes	51
2.2.43. reconfigure	52
2.2.44. routemon	52
2.2.45. routes	52
2.2.46. rules	53
2.2.47. sessionmanager	54
2.2.48. shutdown	55
2.2.49. sipalg	56
2.2.50. sshserver	57
2.2.51. stats	58
2.2.52. time	58
2.2.53. updatecenter	59
2.2.54. urlcache	59
2.2.55. userauth	60
2.2.56. vlan	61
2.2.57. vpnstats	61
2.2.58. zonedefense	61
2.3. Utility	62
2.3.1. ping	62
2.4. Misc	63
2.4.1. help	63
2.4.2. history	63
Chapter 3. Configuration Reference	65
3.1. Access	66
3.2. Address	68
3.2.1. AddressFolder	68
3.2.1.1. EthernetAddress	68
3.2.1.2. EthernetAddressGroup	68
3.2.1.3. IP4Address	69
3.2.1.4. IP4Group	69
3.2.1.5. IP4HAAddress	70
3.2.2. EthernetAddress	70
3.2.3. EthernetAddressGroup	70
3.2.4. IP4Address	70
3.2.5. IP4Group	70
3.2.6. IP4HAAddress	70
3.3. AdvancedScheduleProfile	71
3.3.1. AdvancedScheduleOccurrence	71
3.4. ALG	72
3.4.1. ALG_FTP	72
3.4.2. ALG_H323	73
3.4.3. ALG_HTTP	73
3.4.3.1. ALG_HTTP_URL	74
3.4.4. ALG_POP3	74
3.4.5. ALG_SIP	75
3.4.6. ALG_TFTP	75
3.5. ARP	77
3.6. BlacklistWhiteHost	78
3.7. Certificate	79
3.8. Client	80
3.8.1. DynDnsClientCjbNet	80
3.8.2. DynDnsClientDLink	80
3.8.3. DynDnsClientDLinkChina	80
3.8.4. DynDnsClientDyndnsOrg	81
3.8.5. DynDnsClientDynsCx	81
3.8.6. DynDnsClientPeanutHull	82
3.8.7. LoginClientBigPond	82
3.9. COMPortDevice	83
3.10. ConfigModePool	84
3.11. DateTime	85
3.12. Device	86
3.13. DHCPRelay	87
3.14. DHCPServer	88
3.14.1. DHCPServerPoolStaticHost	88
3.14.2. DHCPServerCustomOption	89
3.15. DNS	90
3.16. Driver	91
3.16.1. IXP4NPEEthernetDriver	91
3.16.2. MarvellEthernetPCIDriver	91
3.16.3. R8139EthernetPCIDriver	91
3.17. DynamicRoutingRule	92
3.17.1. DynamicRoutingRuleExportOSPF	92
3.17.2. DynamicRoutingRuleAddRoute	93
3.18. EthernetDevice	95
3.19. HighAvailability	96
3.20. HTTPPoster	97
3.21. IDList	98
3.21.1. ID	98
3.22. IDPRule	99
3.22.1. IDPRuleAction	99
3.23. IKEAlgorithms	101
3.24. Interface	102
3.24.1. DefaultInterface	102
3.24.2. Ethernet	102
3.24.3. GRETunnel	103
3.24.4. InterfaceGroup	103
3.24.5. IPSecTunnel	104
3.24.6. L2TPClient	106
3.24.7. L2TPServer	107
3.24.8. PPPoETunnel	108
3.24.9. VLAN	109
3.25. IPPool	111
3.26. IPRule	112
3.27. IPRuleFolder	114
3.27.1. IPRule	114
3.28. IPSecAlgorithms	115
3.29. LDAPServer	116
3.30. LocalUserDatabase	117
3.30.1. User	117
3.31. LogReceiver	118
3.31.1. EventReceiverSNMP2c	118
3.31.1.1. LogReceiverMessageException	118
3.31.2. LogReceiverMemory	118
3.31.3. LogReceiverSMTP	119
3.31.4. LogReceiverSyslog	119
3.31.4.1. LogReceiverMessageException	120
3.32. NATPool	121
3.33. OSPFProcess	122
3.33.1. OSPFArea	123
3.33.1.1. OSPFInterface	123
3.33.1.2. OSPFNeighbor	124
3.33.1.3. OSPFAggregate	125
3.33.1.4. OSPFVLink	125
3.34. Pipe	126
3.35. PipeRule	129
3.36. PSK	130
3.37. RadiusServer	131
3.38. RemoteManagement	132
3.38.1. RemoteMgmtHTTP	132
3.38.2. RemoteMgmtSNMP	132
3.38.3. RemoteMgmtSSH	132
3.39. RoutingRule	134
3.40. RoutingTable	135
3.40.1. Route	135
3.40.2. SwitchRoute	136
3.41. ScheduleProfile	137
3.42. Service	138
3.42.1. ServiceGroup	138
3.42.2. ServiceICMP	138
3.42.3. ServiceIPProto	139
3.42.4. ServiceTCPUDP	139
3.43. Settings	141
3.43.1. ARPTableSettings	141
3.43.2. ConnTimeoutSettings	141
3.43.3. DHCPRelaySettings	142
3.43.4. DHCPServerSettings	143
3.43.5. FragSettings	143
3.43.6. ICMPSettings	144
3.43.7. IPSecTunnelSettings	144
3.43.8. IPSettings	145
3.43.9. L2TPServerSettings	146
3.43.10. LengthLimSettings	147
3.43.11. LocalReassSettings	147
3.43.12. LogSettings	148
3.43.13. MiscSettings	148
3.43.14. RemoteMgmtSettings	148
3.43.15. RoutingSettings	149
3.43.16. SSLSettings	150
3.43.17. StateSettings	151
3.43.18. TCPSettings	152
3.43.19. VLANSettings	153
3.44. SSHClientKey	154
3.45. ThresholdRule	155
3.45.1. ThresholdAction	155
3.46. UpdateCenter	157
3.47. UserAuthRule	158
3.48. ZoneDefenseBlock	160
3.49. ZoneDefenseExcludeList	161
3.50. ZoneDefenseSwitch	162
Index	164
Commands	164

Match case Limit results 1 per page

LocalIDType

Selects the type of Local ID to use. (Default: Auto)

LocalIDValue

Specify the local identity of the tunnel ID.

GatewayCertificate

Selects the certificate the security gateway uses to authentic-

ate itself to the other IPsec peer.

RootCertificates

Selects one or more root certificates to use with this IPsec

Tunnel.

IDList

Selects the identification list to use with this IPsec Tunnel. An

identification list is a list of the identities that are allowed to

establish a IPsec tunnel. (Optional)

XAuth

Off, Required for inbound or Pass to peer gateway. (Default:

Off)

XAuthUsername

Specifies the username to pass to the remote gateway vie IKE

XAuth.

XAuthPassword

Specifies the password to pass to the remote gateway vie IKE

XAuth.

DHCPOverIPSec

Allow DHCP over IPsec from single-host clients. (Default:

No)

AddRouteToRemoteNet

Dynamically add route to the remote networks when a tunnel

is established. (Default: No)

PlaintextMTU

Specifies the size in bytes at which to fragment plaintext

packets (rather than fragmenting IPsec). (Default: 1424)

OriginatorIPType

Specifies what IP address to use as source IP in e.g. NAT.

(Default: LocalInterface)

OriginatorIP

Manually specified originator IP address to use as source IP

in e.g. NAT.

IKEMode

Specifies

which

IKE

mode

use:

main

aggressive.

(Default: Main)

DHGroup

Specifies the Diffie-Hellman group to use when doing key ex-

changes in IKE. (Default: 2)

PFS

Specifies whether PFS should be used or not. (Default: None)

PFSDHGroup

Specifies which Diffie-Hellman group to use with PFS.

(Default: 2)

SetupSAPer

Setup security association per network, host or port. (Default:

Net)

DeadPeerDetection

Enable Dead Peer Detection. (Default: Yes)

NATTraversal

Enable or disable NAT traversal. (Default: OnIfNeeded)

KeepAlive

Disabled, Auto or Manual. (Default: Disabled)

KeepAliveSourceIP

Source IP address used when sending keep-alive ICMP pings.

KeepAliveDestinationIP

Destination IP address used when sending keep-alive ICMP

pings.

Metric

Specifies the metric for the auto-created route. (Default: 90)

3.24.5. IPSecTunnel

Chapter 3. Configuration Reference

105