Syntax

exchange-mode (mainaggressive)

Example

NGFW{running-ipsec-vpn-myvpn}exchange-mode aggressive

NGFW{running-ipsec-vpn-myvpn}identity

Configure local and remote IKE Identities.

Syntax

identity local ((ip-address A.B.C.DX:X::X:XanyLADDR)(fqdn HOSTNAMEanyLHOSTNAME)(user-fqdn EMAILADDRESSanyLEMAIL)(asn1dn asn1dnanyLASNDNAME)) [remote (ip-address A.B.C.DX:X::X:XanyRADDR)(fqdn HOSTNAMEanyRHOSTNAME)(user-fqdn EMAILADDRESSanyREMAIL)(asn1dn asn1dnanyRASNDNAME)]

Example

NGFW{running-ipsec-vpn-myvpn}identity local nearside.example.com remote farside.example.com

NGFW{running-ipsec-vpn-myvpn}ip-compression

Enable or disable IP Compression.

Syntax

ip-compression (enabledisable)

Example

NGFW{running-ipsec-vpn-myvpn}ip-compression enable

NGFW{running-ipsec-vpn-myvpn}ip-pool

Configure IP Pool for remote VPN clients.

Syntax

ip-pool (A.B.C.D/MX:X::X:X/M)

Example

NGFW{running-ipsec-vpn-myvpn}ip-pool 192.168.1.0/24

NGFW{running-ipsec-vpn-myvpn}key

Configure Key exchange type.

Syntax

key (ikemanual)

Example

NGFW{running-ipsec-vpn-myvpn}key ike

NGFW{running-ipsec-vpn-myvpn}nat-traversal

Enable or disable NAT Traversal mode.

Syntax

nat-traversal (enabledisable)

NGFW Command Line Interface Reference 167

Page 175
Image 175
HP TippingPoint Next Generation Firewall manual Exchange-mode mainaggressive