Szablon: Web ipsec
Z Elproma Wiki Knowledge Base
The IPsec page of {{{model}}} router is used to configure IPsec tunnel.
Tunnels Configuration
In Tunnels Configuration part you can add, edit or delete IPsec tunnel. To add new tunnel use Add button.
Tunnel details
| Name | Value | Description |
|---|---|---|
| Local LAN | ||
| Remote LAN | ||
| Version of IKE to negotiation | IKEv2, IKEv1 or IKEv1 + IKEv2. Default: IKEv2 |
Advanced tunnel configuration
| Name | Value | Description |
|---|---|---|
| crypto_proposal | list | List of ESP (phase two) proposals |
| Local NAT | IPv4 in CIDR format | NAT range for tunnels with overlapping IP addresses |
| startaction | route, start or none | Action on initial configuration load (none, start, route) |
| updown | file | Path to script to run on CHILD_SA up/down events |
| lifetime | Maximum duration of the CHILD_SA before closing (defaults to 110% of rekeytime) | |
| rekeytime | Duration of the CHILD_SA before rekeying | |
| dpdaction | none, clear, hold, restart, trap or start | Action done when DPD timeout occurs |
| closeaction | add, route, start, none or trap | Action done when CHILD_SA is closed |
| if_id | XFRM interface ID set on input and output interfaces (should be coordinated with “ifid” values in route entries on “xfrm” interfaces | |
| priority | integer equal or higher than 0 | Priority of the CHILD_SA |
| ipcomp | On/Off, default: Off | Enable ipcomp compression |
| hw_offload | On/Off, default: Off | Enable H/W offload |
IPsec Configuration
Connection details
| Name | Value | Description |
|---|---|---|
Additional settings
| Name | Value | Description |
|---|---|---|
[[Category:{{{model}}} User Manual]]