User's Manual
Table Of Contents
- ProSafe Wireless-N 8-Port Gigabit VPN Firewall FVS318N
- Contents
- 1. Introduction
- 2. Overview of the Configuration Commands
- 3. Net Mode Configuration Commands
- 4. Security Mode Configuration Commands
- Security Services Commands
- Security Schedules Commands
- IPv4 Add Firewall Rule and Edit Firewall Rule Commands
- IPv4 General Firewall Commands
- IPv6 Firewall Commands
- Attack Check Commands
- Session Limit, Time-Out, and Advanced Commands
- Address Filter and IP/MAC Binding Commands
- Port Triggering Commands
- UPnP Command
- Bandwidth Profile Commands
- Content Filtering Commands
- 5. System Mode Configuration Commands
- 6. Dot11 Mode Configuration Commands
- 7. VPN Mode Configuration Commands
- IPSec VPN Wizard Command
- IPSec IKE Policy Commands
- IPSec VPN Policy Commands
- IPSec VPN Mode Config Commands
- SSL VPN Portal Layout Commands
- SSL VPN Authentication Domain Commands
- SSL VPN Authentication Group Commands
- SSL VPN User Commands
- SSL VPN Port Forwarding Commands
- SSL VPN Client Commands
- SSL VPN Resource Commands
- SSL VPN Policy Commands
- RADIUS Server Command
- L2TP Server Commands
- 8. Overview of the Show Commands
- 9. Show Commands
- 10. Utility Commands
- CLI Command Index
VPN Mode Configuration Commands
196
ProSafe Wireless-N 8-Port Gigabit VPN Firewall FVS318N
Command example:
FVS318N>
vpn ipsec vpnpolicy configure FVS-to-Paris
vpn-config[vpn-policy]>
general_policy_type Auto-Policy
vpn-config[vpn-policy]>
general_ip_version IPv4
vpn-config[vpn-policy]>
general_remote_end_point_type IP-Address
vpn-config[vpn-policy]>
general_remote_end_point ip_address 10.112.71.154
vpn-config[vpn-policy]>
general_local_network_type SUBNET
vpn-config[vpn-policy]>
general_local_start_address 192.168.1.0
vpn-config[vpn-policy]>
general_local_subnet_mask 255.255.255.0
vpn-config[vpn-policy]>
general_remote_network_type SUBNET
vpn-config[vpn-policy]>
general_remote_start_address 192.168.50.0
vpn-config[vpn-policy]>
general_remote_subnet_mask 255.255.255.255
vpn-config[vpn-policy]>
auto_sa_lifetime seconds 3600
vpn-config[vpn-policy]>
auto_encryption_algorithm 3DES
vpn-config[vpn-policy]>
auto_authentication_algorithm SHA-1
vpn-config[vpn-policy]>
auto_select_ike_policy FVS-to-Paris
vpn-config[vpn-policy]>
save
Related show command: show vpn ipsec vpnpolicy setup and show vpn ipsec vpnpolicy status
auto_authentication_algorithm
MD5 or SHA-1 Specifies the authentication algorithm to
negotiate the security association (SA):
• SHA-1. Hash algorithm that produces a
160-bit digest.
• MD5. Hash algorithm that produces a
128-bit digest.
auto_enable_pfskeygroup
Y or N Enables or disables Perfect Forward Secrecy
(PFS). If you enable PFS, you need to issue
the auto_dh_group keyword to specify a
group.
auto_dh_group
Group1_768_bit,
Group2_1024_bit,
or
Group5_1536_bit
Specifies a Diffie-Hellman (DH) group, which
sets the strength of the algorithm in bits. The
higher the group, the more secure the
exchange.
auto_select_ike_policy
ike policy name Select an existing IKE policy that defines the
authentication negotiation.
Keyword (might consist of two separate
words)
Associated
Keyword to Select
or Parameter to
Type
Description