ZyXEL Communications n/a IPSec Commands, 14.1 Command Summary

COMMAND

DESCRIPTION

ipsec debug [onoff]

Enables or disables the trace for IPSec debugging

information.

ipsec route dmz [onoff]

After IPSec processes a packet that will be sent to the

DMZ, this ZyXEL Device controls whether or not the

packets can be forwarded to another IPSec tunnel.

ipsec route lan [onoff]

After IPSec processes a packet that will be sent to the

LAN, this ZyXEL Device controls whether or not the

packets can be forwarded to another IPSec tunnel.

ipsec route wan [onoff]

After IPSec processes a packet that will be sent to the

WAN, this ZyXEL Device controls whether or not the

packets can be forwarded to another IPSec tunnel.

ipsec show_runtime sa

Displays active IKE and IPSec SAs.

ipsec show_runtime spd

Displays the local and remote network address pairs used

to differentiate the connected dynamic VPN tunnels.

ipsec switch <onoff>

Enables or disables all IPSec rules. The setting resets to

off after the ZyXEL Device restarts.

ipsec timer chk_my_ip <1~3600>

Sets the interval (in seconds) for checking if the ZyXEL

Device’s WAN IP address has changed

ipsec timer chk_conn <0~255>

The ZyXEL Device disconnects a VPN tunnel if there is no

reply traffic for this number of minutes. 0 disables the

check.

ipsec timer update_peer <0~255>

For IPSec rules with a domain name as the local or remote

gateway address, this command sets the interval (in

minutes) for resolving the domain name and updating the

rules. 0 disables the updates.

ipsec timer chk_input <0~255>

The ZyXEL Device disconnects any IPSec connection that

has no inbound traffic for this number of minutes. 0

disables the check (this is the default setting).

ipsec updatePeerIp

If you use a domain name as the local or remote gateway

address, this command forces the ZyXEL Device to

resolve the domain name and update the IPSec rules right

away.

89

DSL & IAD CLI Reference Guide