User's Manual
Table Of Contents
- ProSafe Wireless-N 8-Port Gigabit VPN Firewall FVS318N
- Contents
- 1. Introduction
- 2. Overview of the Configuration Commands
- 3. Net Mode Configuration Commands
- 4. Security Mode Configuration Commands
- Security Services Commands
- Security Schedules Commands
- IPv4 Add Firewall Rule and Edit Firewall Rule Commands
- IPv4 General Firewall Commands
- IPv6 Firewall Commands
- Attack Check Commands
- Session Limit, Time-Out, and Advanced Commands
- Address Filter and IP/MAC Binding Commands
- Port Triggering Commands
- UPnP Command
- Bandwidth Profile Commands
- Content Filtering Commands
- 5. System Mode Configuration Commands
- 6. Dot11 Mode Configuration Commands
- 7. VPN Mode Configuration Commands
- IPSec VPN Wizard Command
- IPSec IKE Policy Commands
- IPSec VPN Policy Commands
- IPSec VPN Mode Config Commands
- SSL VPN Portal Layout Commands
- SSL VPN Authentication Domain Commands
- SSL VPN Authentication Group Commands
- SSL VPN User Commands
- SSL VPN Port Forwarding Commands
- SSL VPN Client Commands
- SSL VPN Resource Commands
- SSL VPN Policy Commands
- RADIUS Server Command
- L2TP Server Commands
- 8. Overview of the Show Commands
- 9. Show Commands
- 10. Utility Commands
- CLI Command Index
VPN Mode Configuration Commands
199
ProSafe Wireless-N 8-Port Gigabit VPN Firewall FVS318N
pfs_key_group {N | Y {dh_group {Group1_768_bit |
Group2_1024_bit | Group5_1536_bit}}}
sa_lifetime_type {Seconds {sa_lifetime <seconds>} | KBytes
{sa_lifetime <KBytes>})
encryption_algorithm {None | DES | 3DES | AES-128 |
AES-192 | AES-256}
integrity_algorithm {MD5 | SHA-1}
local_ip <ipaddress>
local_subnet_mask <subnet mask>
Mode vpn-config [modeConfig]
Keyword Associated Keyword to
Select or Parameter to Type
Description
Client pool
first_pool_start_ip ipaddress The start IP address for the first Mode
Config pool.
first_pool_end_ip ipaddress The end IP address for the first Mode Config
pool.
second_pool_start_ip ipaddress The start IP address for the second Mode
Config pool.
second_pool_end_ip ipaddress The end IP address for the second Mode
Config pool.
third_pool_start_ip ipaddress The start IP address for the third Mode
Config pool.
third_pool_end_ip ipaddress The end IP address for the third Mode
Config pool.
wins_server_primary_ip ipaddress The IP address of the first WINS server.
wins_server_secondary_ip ipaddress The IP address of the second WINS server.
dns_server_primary_ip ipaddress The IP address of the first DNS server that is
used by remote VPN clients.
dns_server_secondary_ip ipaddress The IP address of the second DNS server
that is used by remote VPN clients.
Traffic tunnel security level
pfs_key_group Y or N Enables or disables Perfect Forward
Secrecy (PFS). If you enable PFS, you need
to issue the dh_group keyword to specify a
group.
dh_group Group1_768_bit,
Group2_1024_bit, or
Group5_1536_bit
Specifies a Diffie-Hellman (DH) group, which
sets the strength of the algorithm in bits. The
higher the group, the more secure the
exchange.