User`s guide
202
Related CLI Commands
Entity
Instance
Parameter
Values
Equivalent Web Parameter
dpd 0 inact Integer
Mark the IPsec tunnel as suspect if
there is no traffic for n seconds
dpd 0 okint Integer
Send a DPD request on a healthy
link every n seconds
dpd 0 failint Integer
Send a DPD request on a suspect
link every n seconds
dpd 0 maxfail Integer
Close the IPsec tunnels after no
response for n DPD requests
Configuration – Network > Virtual Private Networking (VPN) > IPsec > IKE
The Configuration - Network > Virtual Private Networking (VPN) > IPsec > IKE
folder opens to list configuration pages for IKE 0 and IKE 1 with a separate page for IKE
Responder. The IKE 0 instance can be used as an IKE “initiator” or as an IKE “responder”
whereas IKE 1 can only be used as an initiator. The IKE 0 and IKE 1 pages are therefore
used to set up the IKE 0 and IKE 1 initiator parameters as required. The IKE Responder
page is used to set up the responder parameters for IKE 0.
Configuration – Network > Virtual Private Networking (VPN) > IPsec > IKE
> IKE Debug
Enable IKE Debug
Enables IKE debugging to be displayed on the debug port.
Debug Level
Sets the level of IKE debugging. The options are
• Low
• Medium
• High
• Very High
Debug IP Address Filter
This parameter is used to filter out IKE packets with particular source or destination IP
addresses. The format of this parameter is a comma-separated list of IP addresses. For
example, you may wish to exclude the capture of IKE traffic from IP hosts 10.1.2.3 and
10.2.2.2. This can be done by entering “10.1.2.3,10.2.2.2” for this parameter.
Conversely, you may wish to only capture traffic to and from particular IP hosts. To do this,
use a tilde (~) symbol before the list of IP addresses. For example, to only capture packets
to and from IP host 192.168.47.1, enter “~192.168.47.1” for this parameter.
Forward debug to port
When enabled, the IKE debug is sent to debug serial port.