268
This example shows how to display the settings for the New_Tunnel Phase 2 configuration.
get vpn ipsec phase2 New_Tunnel
This example shows how to display the configuration for the vpn ipsec phase2 command.
show vpn ipsec phase2
Related Commands
config vpn ipsec phase1
config alertemail filter
config alertemail setting
config firewall policy
12.5 ipsec vip
A freeGuard 100 can act as a proxy by answering ARP requests locally and forwarding the associated
traffic to the intended destination host over an IPSec VPN tunnel. The feature is intended to enable
IPSec VPN communications between two hosts that coordinate the same private address space on
physically separate networks. The IP addresses of both the source host and the destination host must
be unique. The ipsec vip command lets you specify the IP addresses that can be accessed at the
remote end of the VPN tunnel. You must configure IPSec virtual IP (VIP) addresses at both ends of
the IPSec VPN tunnel.
Adding an IPSec VIP entry to the VIP table enables a freeGuard 100 to respond to ARP requests
destined for remote servers and route traffic to the intended destinations automatically. Each IPSec
VIP entry is identified by an integer. An entry identifies the name of the freeGuard 100 interface to the
destination network, and the IP address of a destination host on the destination network. Specify a VIP
address for every host that needs to be accessed on the other side of the tunnel—you can define a
maximum of 32 IPSec VIP addresses on the same interface.
Note:
The interface to the destination network must be associated with a VPN tunnel through a
firewall encryption policy (action must be set to encrypt). The policy determines which VPN tunnel will
be selected to forward traffic to the destination. When you create IPSec VIP entries, check the
encryption policy on the freeGuard 100 interface to the destination network to ensure that it meets
your requirements.
Command syntax pattern
config vpn ipsec vip
edit <vip_integer>
set <keyword> <variable>
end
Summary of Contents for freeGuard 100
Page 1: ...freeGuard 100 UTM Firewall CLI USER S MANUAL P N F0025000 Rev 1 1...
Page 3: ......
Page 7: ......
Page 87: ...80 The config ips anomaly command has 1 subcommand config limit...
Page 183: ...176...