110
undo dpd interval
Default
IKEv2 DPD is disabled. The global IKEv2 DPD settings are used.
Views
IKEv2 profile view
Predefined user roles
network-admin
Parameters
interval
interval
: Specifies a DPD triggering interval in the range of 10 to 3600 seconds.
retry seconds
: Specifies the DPD retry interval in the range of 2 to 60 seconds. The default is 5
seconds.
on-demand
: Triggers DPD on demand. The device triggers DPD if it has IPsec traffic to send and
has not received any IPsec packets from the peer for the specified interval.
periodic
: Triggers DPD at regular intervals. The device triggers DPD at the specified interval.
Usage guidelines
DPD is triggered periodically or on-demand. As a best practice, use the on-demand mode when the
device communicates with a large number of IKEv2 peers. For an earlier detection of dead peers,
use the periodic triggering mode, which consumes more bandwidth and CPU.
The triggering interval must be longer than the retry interval, so that the device will not trigger a new
round of DPD during a DPD retry.
Examples
# Configure on-demand IKEv2 DPD. Set the DPD triggering interval to 10 seconds and the retry
interval to 5 seconds.
<Sysname> system-view
[Sysname] ikev2 profile profile1
[Sysname-ikev2-profile-profile1] dpd interval 10 retry 5 on-demand
Related commands
ikev2 dpd
encryption
Use
encryption
to specify encryption algorithms for an IKEv2 proposal.
Use
undo encryption
to restore the default.
Syntax
In non-FIPS mode:
encryption
{
3des-cbc
|
aes-cbc-128
|
aes-cbc-192
|
aes-cbc-256
|
aes-ctr-128
|
aes-ctr-192
|
aes-ctr-256
|
camellia-cbc-128
|
camellia-cbc-192
|
camellia-cbc-256
|
des-cbc
}
*
undo encryption
In FIPS mode:
encryption
{
aes-cbc-128
|
aes-cbc-192
|
aes-cbc-256
|
aes-ctr-128
|
aes-ctr-192
|
aes-ctr-256
}
*
undo encryption
Содержание SOHO IE4300
Страница 114: ...ii tftp client ipv6 source 41 tftp client source 41 tftp ipv6 42 tftp server acl 44 tftp server ipv6 acl 44...
Страница 285: ...i Contents Tcl commands 1 cli 1 tclquit 1 tclsh 2...
Страница 288: ...i Contents Python commands 1 exit 1 python 1 python filename 2...
Страница 291: ...i Contents Automatic configuration commands 1 autodeploy udisk enable 1...
Страница 323: ...25 Sysname Ten GigabitEthernet1 0 51 undo shutdown Related commands irf port...
Страница 396: ...i Contents Bulk interface configuration commands 1 display interface range 1 interface range 1 interface range name 3...
Страница 460: ...i Contents Port isolation commands 1 display port isolate group 1 port isolate enable 2 port isolate group 2...
Страница 465: ...ii stp vlan enable 55 vlan mapping modulo 55...
Страница 589: ...60 Examples Enable LLDP for automatic IP phone discovery Sysname system view Sysname voice vlan track lldp...
Страница 602: ...12 Related commands display mvrp statistics...
Страница 609: ...i Contents VLAN mapping commands 1 display vlan mapping 1 vlan mapping 2...
Страница 678: ...9 Related commands reset pppoe relay statistics...
Страница 846: ...i Contents Basic IP forwarding commands 1 display fib 1 ip forwarding table save 2...
Страница 1073: ...i Contents HTTP redirect commands 1 http redirect https port 1 http redirect ssl server policy 1...
Страница 1087: ...Documentation feedback You can e mail your comments about product documentation to info h3c com We appreciate your comments...
Страница 1340: ...9 Sysname ipv6 route static default preference 120 Related commands display ipv6 routing table protocol...
Страница 1649: ...Documentation feedback You can e mail your comments about product documentation to info h3c com We appreciate your comments...
Страница 1668: ...Documentation feedback You can e mail your comments about product documentation to info h3c com We appreciate your comments...
Страница 1770: ...i Contents Time range commands 1 display time range 1 time range 1...
Страница 2026: ...34 Related commands display mac authentication...
Страница 2028: ...ii...
Страница 2143: ...i Contents User profile commands 1 display user profile 1 user profile 2...
Страница 2308: ...61 ipsec transform set...
Страница 2473: ...i Contents TCP attack prevention commands 1 tcp anti naptha enable 1 tcp check state interval 1 tcp state 2...
Страница 2531: ...i Contents SAVI commands 1 ipv6 savi down delay 1 ipv6 savi log enable 1 ipv6 savi strict 2...
Страница 2534: ...3 Sysname ipv6 savi strict Related commands ipv6 verify source...
Страница 2541: ...i Contents Crypto engine commands 1 display crypto engine 1 display crypto engine statistics 1 reset crypto engine statistics 3...
Страница 2545: ...i Contents FIPS commands 1 display crypto version 1 display fips status 1 fips mode enable 2 fips self test 4...
Страница 2791: ...14 Sysname track 1 Related commands delay display track...
Страница 2939: ...9 sntp authentication keyid sntp reliable authentication keyid...
Страница 2967: ...27 Related commands apply poe profile poe enable poe max power interface view poe priority...
Страница 3240: ...Documentation feedback You can e mail your comments about product documentation to info h3c com We appreciate your comments...
Страница 3263: ...Documentation feedback You can e mail your comments about product documentation to info h3c com We appreciate your comments...