
Create isakmp policy – Allied Telesis RAPIER I User Manual

Enhancements to IPsec/VPN

Release Note

Software Version 2.8.1
C613-10477-00 REV B

create isakmp policy

Syntax

CREate ISAkmp POLICY=name PEer={ipv4add|ipv6add|ANy}
    [AUTHType={PREshared|RSAEncr|RSASig}]
    [DELETedelay=0..30] [DHExponentlength=160..1023]
    [ENCalg={3DES2key|3DESInner|3DESOuter|DES|AES128|AES192|AES256}]
    [EXPIRYKbytes=1..1000]
    [EXPIRYSeconds=600..31449600] [GROup={0|1|2}]
    [HAShalg={SHa|MD5}]
    [HEARtbeatmode={Both|None|Receive|Send}]
    [HYBRIDxauth={ON|OFf|TRue|FAlse}] [IPVersion={4|6}]
    [KEY=0..65535]
    [LOCALID={ipv4add|ipv6add|domainname|user-domainname|dist-name}]
    [LOCALRsakey=0..65535]
    [MODe={MAIn|AGGressive}]
    [MSGBACkoff={INCREMental|NONE}]
    [MSGREtrylimit=0..1024]
    [MSGTImeout=1..86400]
    [NATTraversal={ON|OFf|TRue|FAlse}]
    [PHASE2xchglimit={NOne|1..1024}]
    [POLICYFilename=filename]
    [PREnegotiate={ON|OFf|TRue|FAlse}]
    [REMOTEId={ipv4add|ipv6add|domainname|user-domainname|dist-name}]
    [RETRYIKEattempts={0..16|CONTinuous}]
    [SENDDeletes={ON|OFf|TRue|FAlse}]
    [SENDNotify={ON|OFf|TRue|FAlse}]
    [SENDIdalways={ON|OFf|TRue|FAlse}]
    [SETCommitbit={ON|OFf|TRue|FAlse}]
    [SRCInterface=interface] [XAUth={CLient|SErver|NONE}]
    [XAUTHName=username] [XAUTHPasswd=password]
    [XAUTHType={GEneric|RAdius}]

Parameter        Description

MSGBACkoff       The back-off pattern used when ISAKMP messages are retransmitted. The initial transmission time is set using the msgtimeout parameter.

                 Default: incremental

                 INCREMental    The delay between retransmissions increases in a linear manner. Every retransmitted message is delayed by the last delay time plus twice the msgtimeout value.

                 NONE           The delay between retransmissions is static. All subsequent retransmissions are sent after the delay set by the msgtimeout parameter.

MSGREtrylimit    The maximum number of times the router or switch retransmits ISAKMP messages. If 0 is set, no retransmissions occur. If 1 to 1024 is set, the message is retransmitted until either the limit is reached, or the retransmission is successful.

                 Default: 8

MSGTImeout       The number of seconds between the initial transmission of an ISAKMP message and the first retransmission. The subsequent retransmission intervals are dependent on the back-off pattern specified with the msgbackoff parameter.

                 Default: 4
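
An added worked example, not part of the Allied Telesis manual: a Python model of the retransmission timing that msgbackoff, msgretrylimit and msgtimeout describe, useful for seeing how long an unanswered ISAKMP exchange keeps being retried. It assumes the first retransmission follows the initial send by msgtimeout seconds and that, for incremental, each later gap is the previous gap plus twice msgtimeout; the function names are hypothetical.

```python
# Added example: models the ISAKMP retransmission timing described above.
# Function names are hypothetical; they are not router commands.
from itertools import accumulate


def retransmit_delays(msgtimeout=4, msgretrylimit=8, msgbackoff="incremental"):
    """Return the gap in seconds before each retransmission, in order.

    Defaults are the ones documented above (4 s, 8 retries, incremental).
    """
    if not 1 <= msgtimeout <= 86400:
        raise ValueError("msgtimeout must be 1..86400")
    if not 0 <= msgretrylimit <= 1024:
        raise ValueError("msgretrylimit must be 0..1024")
    mode = msgbackoff.lower()
    if mode not in ("incremental", "none"):
        raise ValueError("msgbackoff must be incremental or none")

    delays = []
    delay = msgtimeout  # first retransmission: msgtimeout after the initial send
    for _ in range(msgretrylimit):
        delays.append(delay)
        if mode == "incremental":
            delay += 2 * msgtimeout  # last delay plus twice msgtimeout
    return delays


def retransmit_offsets(msgtimeout=4, msgretrylimit=8, msgbackoff="incremental"):
    """Seconds after the initial transmission at which each retransmission is sent."""
    return list(accumulate(retransmit_delays(msgtimeout, msgretrylimit, msgbackoff)))


if __name__ == "__main__":
    # Compare the documented defaults against a static back-off.
    for mode in ("incremental", "none"):
        offsets = retransmit_offsets(msgbackoff=mode)
        print(f"{mode:12} sent at t+{offsets} s, last attempt at t+{offsets[-1]} s")
```

Under these assumptions and the default values, the last retransmission to an unresponsive peer is sent 256 seconds after the first message with incremental back-off, against 32 seconds with msgbackoff=none.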
