Install guide
172 Enhancements to IPsec/VPN Release Note
Software Version 2.8.1
C613-10477-00 REV B
ISAKMP will not reattempt XAUTH authentication failures (phase 1.5).
XAUTH failures indicate that either the router or switch and its peer have
different authentication details, or a third party is attempting to connect to the
router or switch. This needs to be investigated manually.
Command Changes
The following table summarises the modified commands:
VPN Tunnel Licencing
By default, the AR415S allows one VPN tunnel. Additional VPN tunnels
require a special feature licence. If you need more VPN tunnels, contact your
authorised distributor or reseller. Other products do not need a special feature
licence for more VPN tunnels.
Command changes
The following table summarises the modified command.
Command Change
create isakmp policy New retryikeattempts parameter.
set isakmp policy New retryikeattempts parameter.
show isakmp counters New retryIkeAttemptsPh1 and retryIkeAttemptsPh2
parameters in output when counters is set to general.
New usePolIkeRetryGood and usePolIkeRetryFailed
parameters in output when counters is set to spd.
show isakmp policy
New Retry IKE Attempts, Current IKE Retries, and
Required IKE Retry Phase parameters in the output when
a policy is specified.
Command Change
show ipsec New output parameters