Draytek Vigor3300 Series Bedienungsanleitung PDF herunterladen (Seite 116)

111

2.7.1.4 policy

This command can set policy table.

policy -s <Index>

policy -e <Index> <Name> <Preshared Key> <Security Protocol><Admin Status> <WAN

Interface> <Local Subnet> <Local Subnet Mask><Remote IP Address> <Remote Subnet>

policy -cert_any <Index> <Local Certificate>

policy -cert <Index> <Local Certificate> <Remote ID>

policy -proposal <Index> <Phase1 Lifetime> <Phase1 Proposal 1><Phase1 Proposal 2>

<Phase2 Proposal 2><Phase2 Proposal 3> <Phase2 Proposal 4> <PFS> <Accepted

Proposal>

policy -dpd <Index> <DPD Enable> <Delay> <Timeout>

policy -dhcp <Index> <DHCP-over-IPSec>

policy -nat-t <Index> <NAT-T Enable>

policy -d <Index>

Syntax Description

-s It is used for displaying all the policy tables.

-e It is used for editing Preshared Key.

-d It is used for deleting the specified policy.

-cert_any It is used for utilizing Local Certificate and accepting any Remote

ID for RSA signature. To utilize local certificate and accept the

remote ID of peer only, please use the syntax of “policy -cert

<Index> <Local Certificate> <Remote ID>”.

Index Enter the item number on the policy table that you want to edit.

Name Enter the name for VPN connection (ex. “VPN1”). The maximum

length of name is 20 characters including spaces.

Preshared Key Enter the number as Preshared Key for the Policy. The maximum

length is 40 characters, including spaces.

Security Protocol Enter “0” to specify “ESP” to make the data being encrypted and

authenticated.

Enter “1” to specify “AH” to make the data being authenticated

but not be encrypted

Admin Status Enter “0” to initiate IPSec Tunnel.

Enter “1” to disable IPSec Tunnel.

Enter “2” to invoke this profile automatically by the system for

every 30 seconds.

WAN Interface Enter the number (1 to 4) as the WAN interface for the policy.

1 2 ... 111 112 113 114 115 116 117 118 119 120 121 122 123

Keine Kommentare

Draytek Vigor3300 Series Bedienungsanleitung Seite 116