Global Configuration Mode

Global Configuration Commands

ipsec net-to-net

Use the ipsec net-to-netcommand to create a network-to-network connection.

Syntax: (config)# ipsec net-to-net remote-ip {addressany} remote-subnet {ip address mask maskany} pre-share secret

Field

Definition

remote-ip

address - Enter the remote tunnel endpoint address.

 

any - Allow any IP address.

 

 

remote-subnet

address - Enter an IP address if it is a remote IP.

 

mask - Enter an IP mask if it is a remote IP.

 

any - Allow any IP address.

 

 

secret

Enter a pre-shared secret string.

 

 

Example: (config)# ipsec net-to-host remote-ip 10.10.1.1 pre-share mysecret

Supported Platforms: Adit 3104, Adit 3200, Adit 3500, MSR

ipsec replay

Use the ipsec replay command to enable anti-replay protection. To disable anti-replay protection, see no ipsec replay command on page 4-41.

Syntax: (config)# ipsec replay

Example: (config)# ipsec replay

Supported Platforms: Adit 3104, Adit 3200, Adit 3500, MSR

ipsec vpn_ipsec

Use the ipsec vpn_ipsec command to allow access to configuration commands for a specific IPSec connection. See Chapter 14, Configuration - IPSec Mode for commands in this mode. To delete this interface, see no ipsec vpn_ipsec command on page 4-42.

Note: This connection must be created first. See ipsec net-to-hostcommand on page 4-23and ipsec net- to-netcommand on page 4-24to create an IPSec connection.

Syntax: (config)# ipsec vpn_ipsec connection-id

Field

Definition

connection-id

Enter the name of a connection.

 

 

Example: (config)# ipsec vpn_ipsec 1

(config-ipsec-1)#

Supported Platforms: Adit 3104, Adit 3200, Adit 3500, MSR

4-24

Adit 3000 (Rel. 1.6) and MSR Card (Rel 2.0) CLI

Page 150
Image 150
Carrier Access none manual Ipsec net-to-net, Ipsec replay, Ipsec vpnipsec, Remote-ip, Remote-subnet