
Chapter 16 IPSec Commands
16.4 Command Examples
This example adds an IKE rule as follows.•IKE Rule Name:ras> ipsec ikeAdd
ras> ipsec ikeConfig name
ras> ipsec ikeConfig secureGwAddr 10.1.1.2 ras> ipsec ikeConfig authMethod 0
ras> ipsec ikeConfig preShareKey 12345678 ras> ipsec ikeSave
This example enables VPN HA on an existing IKE rule."You need to load an IKE rule first by ikeAdd or ikeEdit before you configure IKE settings.
•IKE Rule index: 1•The redundant secure gateway IP: 10.1.1.5•Fall back detection: Enable•The time interval for fall back detection: 180 seconds•DPD for fail over detection: Enable•Output idle Timeout for fail over detection: Enableras> ipsec ikeList |
|
|
Configure IKE number 1 | Flags MyIP | SecureGW |
Idx SPD Name |
===============================================================================
1 0 | 3 10.1.1.1 | 10.1.1.2 |
ras> ipsec ikeEdit 1 |
|
|
ras> ipsec ikeConfig ha enable on |
|
|
ras> ipsec ikeConfig ha redunSecGwAddr 10.1.1.5 ras> ipsec ikeConfig ha fallback enable on ras> ipsec ikeConfig ha fallback interval 180 ras> ipsec ikeConfig ha failover dpd on
ras> ipsec ikeConfig ha failover outputIdleTime on ras> ipsec ikeConfig ha failover display
Fail over detection methods: Output Idle Time: Yes
DPD: Yes
Ping Check: No ras> ipsec ikeSave
130 |
| |
ZyWALL (ZyNOS) CLI Reference Guide |
| |
|
|
|