CONFIG IPSEC PROFILE PHASE2 NEW

Level

vpn,modify

History

Appears in Netasq 9.0.0
replaywsize appears in 9.0.5

Description

Create IPsec phase 2 profile

Usage

name=<profilename> enc=<algo[/size],algo[/size],...> auth=<algo[/size],algo[/size],...> [pfs=<dh>] [lifetime=<seconds>] [replaywsize=<from 0 to 33554400 in steps of 8>] [comment=<str>] [global=<0|1>]

replaywsize: the size should be a power of 2 less 32 (2^x-32) to optimize memory use. Set to 0 to deactivate anti-replay protection.

Example

CONFIG IPSEC PROFILE PHASE2 NEW name=myph2 pfs=1 enc=aes/256,aes/128 auth=md5