Chapter 17 IPSec VPN

Table 74 vpn-concentrator Commands: VPN Concentrator (continued)

COMMAND

DESCRIPTION

[no] crypto map_name

Adds the specified IPSec SA to the specified VPN concentrator. The no

 

command removes the specified IPSec SA from the specified VPN

 

concentrator.

 

 

vpn-concentrator rename profile_name

Renames the specified VPN concentrator (first profile_name) to the

profile_name

specified name (second profile_name).

 

 

17.2.5 VPN Configuration Provisioning Commands

This table lists the commands for VPN configuration provisioning.

Table 75 vpn-configuration-provision Commands: VPN Configuration Provisioning

COMMAND

DESCRIPTION

vpn-configuration-provision rule {

Enters the VPN configuration provisioning sub-command mode to add or edit a

append conf_index insert

rule.

conf_index }

conf_index: The index number of a VPN configuration provisioning rule, 1 to

 

 

the ZyWALL’s maximum number of VPN connection rules.

 

 

[no] activate

Turns the VPN configuration provisioning rule on or off.

crypto map_name

Specifies the name of the IPSec VPN connection (map_name) to bind to this VPN

 

configuration provisioning rule’s user or group.

 

 

user username

Specifies a user or group of users allowed to use the ZyWALL IPSec VPN client to

 

retrieve the associated VPN rule settings. A user may belong to a number of

 

groups. If VPN configuration provisioning rules are configured for different

 

groups, the ZyWALL will allow VPN rule setting retrieval based on the first match

 

found. Admin or limited-admin users are not allowed.

 

 

no user

Removes the VPN configuration provisioning rule’s user or user group

 

configuration. In other words, any users can match the rule. In the GUI “any”

 

will display in the Allowed User field.

 

 

exit

Leaves the sub-command mode.

vpn-configuration-provision rule {

Deletes or moves the specified VPN configuration provisioning rule.

delete conf_index move conf_index

 

to conf_index }

 

[no] vpn-configuration-provision

Turns the VPN configuration provisioning service on or off.

activate

 

vpn-configuration-provision

Sets the authentication method the VPN configuration provisioning service uses

authentication auth_method

to authenticate users.

show vpn-configuration-provision

Displays whether or not the VPN configuration provisioning service is activated.

activation

 

show vpn-configuration-provision

Displays the authentication method the VPN configuration provisioning service

authentication

uses to authenticate users.

show vpn-configuration-provision

Displays the settings of the configured VPN configuration provisioning rules.

rules

 

148

 

ZyWALL (ZLD) CLI Reference Guide