Amer Networks E5 CLI User Manual

LocalIDValue

Specify the local identity of the tunnel ID.

GatewayCertificate

Selects the certificate the security gateway uses to
authenticate itself to the other IPsec peer.

RootCertificates

Selects one or more root certificates to use with
this IPsec Tunnel.

IDList

Selects the identification list to use with this IPsec
Tunnel. An identification list is a list of the
identities that are allowed to establish a IPsec
tunnel. (Optional)

XAuth

Required for inbound or Pass to peer gateway.
(Default: Off )

XAuthUsername

Specifies the username to pass to the remote
gateway vie IKE XAuth.

XAuthPassword

Specifies the password to pass to the remote
gateway vie IKE XAuth.

AddRouteToRemoteNet

Dynamically add route to the remote networks
when a tunnel is established. (Default: No)

PlaintextMTU

Specifies the size in bytes at which to fragment
plaintext packets (rather than fragmenting IPsec).
(Default: 1420)

OriginatorIPType

Specifies what IP address to use as source IP in e.g.
NAT. (Default: LocalInterface)

OriginatorIP

Manually specified originator IP address to use as
source IP in e.g. NAT.

OriginatorHAIP

Manually specified private originator IP address for
use in HA. (Optional)

IKEMode

Specifies which IKE mode to use: main or
aggressive. (Default: Main)

DHGroup

Specifies the Diffie-Hellman group to use when
doing key exchanges in IKE. (Default: 2)

PFSDHGroup

Specifies which Diffie-Hellman group to use with
PFS. (Default: None,1,2,5)

SetupSAPer

Setup security association per network, host or
port. (Default: Net)

DeadPeerDetection

Enable Dead Peer Detection. (Default: Yes)

NATTraversal

Enable

or

disable

NAT

traversal.

(Default:

OnIfNeeded)

AutoEstablish

Negotiate tunnel directly after reconfigureation.
(Default: No)

Metric

Specifies the metric for the auto-created route.
(Default: 90)

AutoInterfaceNetworkRoute

Automatically add a route for this interface using

Chapter 3: Configuration Reference

184