User's Manual

ManualsBrandsNortel Networks ManualsNetwork RouterNortel Networks Network Router BCM50a

Appendix G Command Interpreter 257

BCM50a Integrated Router Configuration — Advanced

IPSec commands

Table 60 lists and describes the IP Sec commands. Each of these commands must

be preceded by

ipsec. For example, type ipsec display 3 to display the third

IPSec rule, if you have it configured.

Table 60 IPSec commands

Command Description

debug type <0:Disable |

1:Original

on|off | 2:IKE

on|off | 3:

IPSec

[SPI]|on|off |

4:XAUTHon|off |

5:CERT on|off |

6: All>

Turns the trace for IPsec debug

information on or off.

level <0:None |

1:User | 2:Low

| 3:High>

Sets the debug level. The higher the

number, the more detailed.

display

Shows debugging information, including

type and level.

switch <on|off>

As long as there is one active IPSec rule,

all packets go into the IPSec process to

check against the SPD. When this switch

is turned on, packets are not be put

through the IPSec process, even if there

are active IPSec rules.

timer

chk_conn. <0~255>

Sets the idle timeout for IPSec

connections. The system disconnects an

IPSec connection with no traffic for the

timeout period. The interval is in minutes

(2 default) and 0 means the connection

never times out.

dpdTime <minutes>

Sets the idle timeout for IPSec

connections where the BCM50a

Integrated Router is waiting for a

response from the peer.

update_peer <0~255>

Sets the autotimer for updating IPSec

rules that use a domain name as the

secure gateway IP address. The interval

is in minutes (30 default) and 0 means it

never updates.