authenticated peers will be authorized. (Optional)
EnforceLocalID
Enable if local identity must match any identity
proposed by the IKE peer. (Default: No)
GatewayCertificate
Selects
the
certificate
the
firewall
uses
to
authenticate itself to the other IPsec peer.
RootCertificates
Selects one or more root certificates to use with
this IPsec Tunnel.
XAuth
Required for inbound or Pass to peer gateway.
(Default: Off )
XAuthUsername
Specifies the username to pass to the remote
gateway vie IKE XAuth.
XAuthPassword
Specifies the password to pass to the remote
gateway vie IKE XAuth.
AddRouteToRemoteNet
Dynamically add route to the remote networks
when a tunnel is established. (Default: No)
PlaintextMTU
Specifies the size in bytes at which to fragment
plaintext packets (rather than fragmenting IPsec).
(Default: 1420)
OriginatorIPType
Specifies what IP address to use as source IP in e.g.
NAT. (Default: LocalInterface)
OriginatorIP
Manually specified originator IP address to use as
source IP in e.g. NAT.
OriginatorHAIP
Manually specified private originator IP address for
use in HA. (Optional)
TunnelMonitor
Monitor a host inside the tunnel and renegotiatie
the tunnel if the host stops answering on ICMP
pings. (Default: No)
MonitoredIP
IP address of the host being monitored with ICMP
pings. Source address will be the OriginatorIP
configured for the tunnel interface.
MaxLoss
Specifies how many consecutive ICMP pings must
be lost before the tunnel is renegotiated. (Default:
10)
IKEMode
Specifies which IKE mode to use: main or
aggressive. (Default: Main)
IKEVersion
Specifies the IKE version to use for the tunnel.
(Default: 1)
DHGroup
Specifies the Diffie-Hellman group to use when
doing key exchanges in IKE. (Default: 2)
PFSDHGroup
Specifies which Diffie-Hellman group to use with
PFS. (Default: None,1,2,5)
SetupSAPer
Setup security association per network, host or
port. (Default: Net)
Chapter 3: Configuration Reference
220
Summary of Contents for NetDefend DFL-260E
Page 21: ...Chapter 1 Introduction 21...
Page 104: ...Chapter 2 Command Reference 104...
Page 240: ...Comments Text describing the current object Optional Chapter 3 Configuration Reference 240...
Page 317: ...Comments Text describing the current object Optional Chapter 3 Configuration Reference 317...