ZyXEL Communications 3.1 ユーザーズマニュアル
Chapter 17 IPSec VPN
ZyWALL (ZLD) CLI Reference Guide
148
17.2.5 VPN Configuration Provisioning Commands
This table lists the commands for VPN configuration provisioning.
[no] crypto map_name
Adds the specified IPSec SA to the specified VPN concentrator. The
no
command removes the specified IPSec SA from the specified VPN
concentrator.
concentrator.
vpn-concentrator rename profile_name
profile_name
Renames the specified VPN concentrator (first profile_name) to the
specified name (second profile_name).
specified name (second profile_name).
Table 74
vpn-concentrator Commands: VPN Concentrator (continued)
COMMAND
DESCRIPTION
Table 75
vpn-configuration-provision Commands: VPN Configuration Provisioning
COMMAND
DESCRIPTION
vpn-configuration-provision rule {
append | conf_index | insert
conf_index }
Enters the VPN configuration provisioning sub-command mode to add or edit a
rule.
rule.
conf_index
: The index number of a VPN configuration provisioning rule, 1 to
the ZyWALL’s maximum number of VPN connection rules.
[no] activate
Turns the VPN configuration provisioning rule on or off.
crypto map_name
Specifies the name of the IPSec VPN connection (map_name) to bind to this VPN
configuration provisioning rule’s user or group.
configuration provisioning rule’s user or group.
user username
Specifies a user or group of users allowed to use the ZyWALL IPSec VPN client to
retrieve the associated VPN rule settings. A user may belong to a number of
groups. If VPN configuration provisioning rules are configured for different
groups, the ZyWALL will allow VPN rule setting retrieval based on the first match
found. Admin or limited-admin users are not allowed.
retrieve the associated VPN rule settings. A user may belong to a number of
groups. If VPN configuration provisioning rules are configured for different
groups, the ZyWALL will allow VPN rule setting retrieval based on the first match
found. Admin or limited-admin users are not allowed.
no user
Removes the VPN configuration provisioning rule’s user or user group
configuration. In other words, any users can match the rule. In the GUI “any”
will display in the Allowed User field.
configuration. In other words, any users can match the rule. In the GUI “any”
will display in the Allowed User field.
exit
Leaves the sub-command mode.
vpn-configuration-provision rule {
delete conf_index | move conf_index
to conf_index }
Deletes or moves the specified VPN configuration provisioning rule.
[no] vpn-configuration-provision
activate
Turns the VPN configuration provisioning service on or off.
vpn-configuration-provision
authentication auth_method
Sets the authentication method the VPN configuration provisioning service uses
to authenticate users.
to authenticate users.
show vpn-configuration-provision
activation
Displays whether or not the VPN configuration provisioning service is activated.
show vpn-configuration-provision
authentication
Displays the authentication method the VPN configuration provisioning service
uses to authenticate users.
uses to authenticate users.
show vpn-configuration-provision
rules
Displays the settings of the configured VPN configuration provisioning rules.