User`s guide
191
Bring this tunnel down if it is idle for h hrs m mins s secs
This parameter is used when the IPsec tunnel is configured to come up on demand and
defines how long the IPsec tunnel should remain up if there is no traffic is being sent on the
tunnel.
Renew the tunnel after
Defines the constraints of when the IPsec tunnel SA has to be renewed.
h hrs m mins s secs
Re-new the IPsec SA after the specified amount of time.
n units of traffic
Re-new the IPsec SA after the specified amount of traffic has been passed over the
tunnel.
The units can be Kbytes, Mbytes or Gbytes.
A value of 0 means that this parameter will not be used and SAs will expire and be
renewed based time, rather than amount of traffic.
Related CLI Commands
Entity
Instance
Parameter
Values
Equivalent Web Parameter
eroute n descr String Description
eroute n peerip
IP address or
hostname
The IP address or hostname of the
remote unit
eroute n bakpeerip
IP address or
hostname
Use n as a backup unit
eroute n locip IP address IP Address (for Local LAN)
eroute n locmsk IP Mask IP Mask (for Local LAN)
eroute n locipifent blank, ETH, PPP
Use interface x,y
x = Interface type
eroute n locipifadd Integer
Use interface x,y
y = interface number
eroute n remip IP address IP Address (for Remote LAN)
eroute n remmsk IP Mask IP Mask (for Remote LAN)
eroute n remnetid String Remote Subnet ID
eroute n authmeth
Off, Preshared,
xauthinitpre, rsa,
xauthinitrsa
Use the following security on this
tunnel
eroute n ourid String Our ID
eroute n ouridtype
0 = IKE ID
1 = FQDN
2 = User FQDN
3 = IPv4 Address
Our ID type
eroute n peerid String Remote ID
eroute n privkey Filename RSA Key File