CONFIG IPSEC PEER UPDATE

Level

vpn+modify

History

Appears in 9 0 0
auto mode appears in 9 0 1
ikeversion appears in 2 0 0
peeridentifier appears in 3 0 0
reauth appears in 3 5 0
inactivity appears in 3 8 0

Description

Update a peer

Implementation notes

If token 'peer' is any, it can't be changed to a host and vice versa
Modification of identifier can change automatically mode
Anonymous peers have responderonly set to 1
Please see the PEER NEW command to see token specifications

Usage

name=<peername> [method=<psk|pki|xauth|xauth_pki>] [mode=<auto|main|aggressive>] [dst=<host|any>] [src=<host|any>] [responderonly=<0|1>] [natt=<none|auto|force>] [checkmode=<strict|claim|obey|exact>] [(dpd_mode=<off|passive|low|high>) | (dpd_mode=manual dpd_delay=<num> dpd_retry=<num> dpd_maxfail=<num>)] [ike_frag=<0|1>] [sharedsa=<0|1>] [identifier=<asn1dn|user_fqdn|fqdn|ip>] [peeridentifier=<asn1dn|user_fqdn|fqdn|ip>] [peercert=<certname>] [cert=<certname>] [sendcert=<0|1>] [sendcr=<0|1>] [psk=<key>] [conf=<phase1profile>] [comment=<str>] [backuppeer=<peername>] [backupmode=<temporary|permanent>][global=<0|1>] [ikeversion=<1|2>] [reauth=<0|1>] [inactivity=<num>]

Example

CONFIG IPSEC PEER UPDATE name=mypeer natt=force