Specifications
CLI Reference
Altitude 35x0 Access Point Product Reference Guide72
admin(network.wan.vpn)> set
Sets VPN entry parameters.
Syntax
set type <name> <tunnel type> Sets the tunnel type <name> to
Auto
or
Manual
for the specified tunnel name.
authalgo <name> <authalgo> Sets the authentication algorithm for
<name> to (
None
,
MD5
, or
SHA1
).
authkey <name> <dir> <authkey> Sets the AH authentication key (if type is
Manual) for tunnel <name> with the
direction set to
IN
or
OUT
, and the
manual authentication key set to
<authkey>. (The key size is 32 hex
characters for MD5, and 40 hex
characters for SHA1).
esp-type <name> <esptype> Sets the Encapsulating Security Payload
(ESP) type. Options include
None
,
ESP
,
or
ESP-AUTH
.
esp-encalgo <name> <escalgo> Sets the ESP encryption algorithm.
Options include
DES
,
3DES
,
AES128
,
AES192
, or
AES256
).
esp-enckey <name> <dir> <enckey> Sets the Manual Encryption Key in ASCII
for tunnel <name> and direction
IN
or
OUT
to the key <enc-key>. The size of
the key depends on the encryption
algorithm.
- 16 hex characters for DES
- 48 hex characters for 3DES
- 32 hex characters for AES128
- 48 hex characters for AES192
- 64 hex characters for AES256
esp-authalgo <name> <authalgo> Sets the ESP authentication algorithm.
Options include
MD5
or
SHA1
.
esp-authkey <name> <dir> <authkey> Sets ESP Authentication key <name>
either for
IN
or
OUT
direction to <auth-
key>, an ASCII string of hex characters. If
authalgo is set to
MD5
, then provide 32
hex characters. If authalgo is set to
SHA1
, provide 40 hex characters.
spi <name> <algo> <dir> <value> Sets 6 character
IN
(bound) or
OUT
(bound) for
AUTH
(Manual
Authentication) or
ESP
for <name> to
<spi> (a hex value more than 0xFF)
<value>.
usepfs <name> <mode> Enables or disables Perfect Forward
Secrecy for <name>.
salife <name> <lifetime> Defines the name of the tunnnel <name>
the Security Association Life Time <300-
65535> applies to in seconds.
ike opmode <name> <opmode> Sets the Operation Mode of IKE for
<name> to
Main
or
Aggr
(essive).
myidtype <name> <idtype> Sets the Local ID type for IKE
authentication for <name> (1 to 13
characters) to <idtype> (
IP
,
FQDN
, or
UFQDN
).
remidtype <name> <idtype> Sets the Remote ID type for IKE
authentication for <name> (1 to 13
characters) to <idtype> (
IP
,
FQDN
, or
UFQDN
).