Chapter 4
Configuration via the Command Line Interface
Remote Security Gateway identifier [remoteaddr]
Backup remote Security Gateway Identifier [backupaddr]
Exchange mode [exchmode]
This parameter localizes the remote Security Gateway on the Internet. Either the public IP address or the Fully Qualified Domain Name can be used as an identifier.
When a redundant remote Security Gateway is available, its public IP address or host name can be specified here. In a basic IPSec configuration, this parameter is left unset.
This parameter determines the exchange mode used during the Phase 1 negotiation. The SpeedTouch™ supports both main mode and aggressive mode.
Exchange mode
Keyword | Valid values |
|
|
exchmode | main |
|
|
| aggressive |
|
|
Local Identifier [localid] This parameter identifies the local SpeedTouch™ during the Phase 1 negotiation with the remote Security Gateway. This identity must match the settings in the remote Security Gateway in order to successfully set up the IKE Security Association. The identity types supported in the SpeedTouch™ are listed in the following table.
Identity type | Keyword | Examples | |
|
|
| |
IP address | (addr) | 10.0.0.1 | |
|
|
| |
Fully qualified domain name | (fqdn) | sales.corporate.net | |
|
|
| |
User fully qualified domain | (userfqdn) | john.doe@corporate.net | |
name | |||
|
| ||
|
|
| |
Distinguished name | (dn) | dc=corpor,uid=user | |
|
|
| |
Key identity | (keyid) | cisid | |
|
|
| |
any | (any) |
| |
|
|
|
120 | |
|
