![background image](http://html.mh-extra.com/html/zyxel-communications/uag-series/uag-series_reference-manual_944300198.webp)
Chapter 40 IPSec VPN
UAG CLI Reference Guide
198
transform-set isakmp-algo [isakmp_algo
[
isakmp_algo
]]
Sets the encryption and authentication algorithms for each IKE SA
proposal.
isakmp_algo
: {des-md5 | des-sha | 3des-md5 | 3des-sha |
aes128-md5 | aes128-sha | aes192-md5 | aes192-sha | aes256-
md5 | aes256-sha | aes256-sha256 | aes256-sha512}
lifetime <180..3000000>
Sets the IKE SA life time to the specified value.
group1
group2
group5
Sets the DH
x
group to the specified group.
[no] natt
Enables NAT traversal. The
no
command disables NAT traversal.
local-ip {ip {
ip
|
domain_name
} |
interface
interface_name
}
Sets the local gateway address to the specified IP address, domain
name, or interface.
peer-ip {
ip
|
domain_name
} [
ip
|
domain_name
]
Sets the remote gateway address(es) to the specified IP
address(es) or domain name(s).
keystring
pre_shared_key
Sets the pre-shared key that can be used for authentication. The
pre_shared_key
can be:
•
8 - 32 alphanumeric characters or ,;|`~!@#$%^&*()_+\{}':./
<>=-".
•
16 - 64 hexadecimal (0-9, A-F) characters, preceded by “0x”.
The pre-shared key is case-sensitive.
local-id type {ip
ip
| fqdn
domain_name
|
e_mail
| dn
distinguished_name
}
Sets the local ID type and content to the specified IP address,
domain name, or e-mail address.
peer-id type {any | ip
ip
| fqdn
domain_name
e_mail
| dn
distinguished_name
}
Sets the peer ID type and content to any value, the specified IP
address, domain name, or e-mail address.
[no] xauth type {server
xauth_method
|
client name
username
password
password
}
Enables extended authentication and specifies whether the UAG is
the server or client. If the UAG is the server, it also specifies the
extended authentication method (
aaa authentication
profile_name
); if the UAG is the client, it also specifies the
username and password to provide to the remote IPSec router. The
no
command disables extended authentication.
username
: You can use alphanumeric characters, underscores (_),
and dashes (-), and it can be up to 31 characters long.
password
: You can use most printable ASCII characters. You cannot
use square brackets [ ], double quotation marks (“), question marks
(?), tabs or spaces. It can be up to 31 characters long.
isakmp policy rename
policy_name
policy_name
Renames the specified IKE SA (first
policy_name
) to the specified
name (second
policy_name
).
Table 121
isakmp Commands: IKE SAs (continued)
COMMAND
DESCRIPTION
Summary of Contents for UAG Series
Page 5: ...Document Conventions UAG CLI Reference Guide 5 Server Firewall Telephone Switch Router ...
Page 22: ...22 PART I Introduction ...
Page 23: ...23 ...
Page 41: ...41 PART II Reference ...
Page 42: ...42 ...