User's Manual
Table Of Contents
- ProSafe Wireless-N 8-Port Gigabit VPN Firewall FVS318N
- Contents
- 1. Introduction
- 2. Overview of the Configuration Commands
- 3. Net Mode Configuration Commands
- 4. Security Mode Configuration Commands
- Security Services Commands
- Security Schedules Commands
- IPv4 Add Firewall Rule and Edit Firewall Rule Commands
- IPv4 General Firewall Commands
- IPv6 Firewall Commands
- Attack Check Commands
- Session Limit, Time-Out, and Advanced Commands
- Address Filter and IP/MAC Binding Commands
- Port Triggering Commands
- UPnP Command
- Bandwidth Profile Commands
- Content Filtering Commands
- 5. System Mode Configuration Commands
- 6. Dot11 Mode Configuration Commands
- 7. VPN Mode Configuration Commands
- IPSec VPN Wizard Command
- IPSec IKE Policy Commands
- IPSec VPN Policy Commands
- IPSec VPN Mode Config Commands
- SSL VPN Portal Layout Commands
- SSL VPN Authentication Domain Commands
- SSL VPN Authentication Group Commands
- SSL VPN User Commands
- SSL VPN Port Forwarding Commands
- SSL VPN Client Commands
- SSL VPN Resource Commands
- SSL VPN Policy Commands
- RADIUS Server Command
- L2TP Server Commands
- 8. Overview of the Show Commands
- 9. Show Commands
- 10. Utility Commands
- CLI Command Index
VPN Mode Configuration Commands
180
ProSafe Wireless-N 8-Port Gigabit VPN Firewall FVS318N
To display the IKE policy configuration that the wizard created through the vpn ipsec
wizard configure command, issue the show vpn ipsec ikepolicy setup
command:
FVS318N>
show vpn ipsec ikepolicy setup
List of IKE Policies
____________________
Name Mode Local ID Remote ID Encryption Authentication DH Group
_________________ __________ ______________________ _____________ __________ ______________ ____________
FVS318N-to-Peer44 main fe80::a8ab:bbff:fe00:2 peer44.com 3DES SHA-1 Group 2 (1024 bit)
FVS-to-Paris main 10.139.54.228 10.112.71.154 3DES SHA-1 Group 2 (1024 bit)
iphone aggressive 10.139.54.228 0.0.0.0 AES-128 SHA-1 Group 2 (1024 bit)
IPSec IKE Policy Commands
vpn ipsec ikepolicy configure <ike policy name>
This command configures a new or existing manual IPSec IKE policy. After you have issued
the vpn ipsec ikepolicy configure command to specify the name of a new or existing IKE
policy, you enter the vpn-config [ike-policy] mode, and then you can configure one keyword
and associated parameter or associated keyword or associated keyword at a time in the
order that you prefer.
Step 1 Format vpn ipsec ikepolicy configure <ike policy name>
Mode vpn
Step 2 Format enable_mode_config {N | Y {mode_config_record <record name>}}
direction_type {Initiator | Responder | Both}
exchange_mode {Main | Aggresive}
ip_version {IPv4 | IPv6}
local_identtype {Local_Wan_IP | FQDN | User-FQDN | DER_ASN1_DN}
{local_identifier <identifier>}
remote_identtype {Remote_Wan_IP | FQDN | User-FQDN | DER_ASN1_DN}
{remote_identifier <identifier>}
encryption_algorithm {DES | 3DES | AES_128 | AES_192 | AES_256}
auth_algorithm {MD5 | SHA-1}
auth_method {Pre_shared_key {pre_shared_key <key>} |
RSA_Signature}
dh_group {Group1_768_bit | Group2_1024_bit | Gr
oup5_1536_bit}
lifetime <seconds>
enable_dead_peer_detection {N | Y {detection_period <seconds>}
{reconnect_failure_count <number>}}