Netgear FVS336Gv2 – ProSafe Dual WAN Gigabit Firewall with SSL & IPSec VPN 참조 매뉴얼

This section describes the following commands:

This command configures a new or existing manual IPSec IKE policy. After you issue the vpn 
ipsec ikepolicy configure

 command to specify the name of a new or existing IKE 

policy, you enter the vpn-config [ike-policy] mode and then you can configure one keyword 
and associated parameter or associated keyword at a time in the order that you prefer.

vpn

enable_mode_config {N 

| Y {mode_config_record <record name>}}

direction_type {Initiator | Responder | Both}

exchange_mode {Main | Aggresive}

ip_version {IPv4 | IPv6}

local_ident_type {Local_Wan_IP | FQDN | User-FQDN | DER_ASN1_DN} 

   {local_identifier <identifier>}

remote_ident_type {Remote_Wan_IP | FQDN | User-FQDN | 

   DER_ASN1_DN}{remote_identifier <identifier>}

encryption_algorithm {DES | 3DES | AES_128 | AES_192 | AES_256}

auth_algorithm {MD5 | SHA-1}

auth_method {Pre_shared_key {pre_shared_key <key>} | 

   RSA_Signature}

dh_group {Group1_768_bit | Group2_1024_bit | Group5_1536_bit}

lifetime <seconds>

enable_dead_peer_detection {N | Y {detection_period <seconds>} 

   {reconnect_failure_count <number>}}

extended_authentication {None | IPSecHost {xauth_username 

   <user name>} {xauth_password <password>} | EdgeDevice 

   {extended_authentication_type {User-Database | RadiusPap | 

   RadiusChap}}}

vpn-config [ike-policy]

vpn ipsec ikepolicy configure <ike policy name> 

select_local_gateway {WAN1 | WAN2}