Листовка для Cisco Cisco Packet Data Gateway (PDG)
Crypto Template Configuration Mode Commands
default ▀
Cisco ASR 5x00 Command Line Interface Reference ▄
2823
default
Restores the default values for the selected parameter.
Product
All IPSec-related services
Privilege
Security Administrator
Syntax
default { allow-custom-fqdn-idr | authentication | certificate | control-dont-fragment|
dns-handling | dos { cookie-challenge detect-dos-attack } | ikev2-ikesa { allow-empty-
ikesa | cert-sign | ignore-notify-protocol-id | ignore-rekeying-requests | keepalive-
user-activity | max-retransmission | mobike | policy | rekey | retransmission-timeout |
setup-timer } | keepalive | nai idr | natt [ include-header | send-keepalive ] }
dns-handling | dos { cookie-challenge detect-dos-attack } | ikev2-ikesa { allow-empty-
ikesa | cert-sign | ignore-notify-protocol-id | ignore-rekeying-requests | keepalive-
user-activity | max-retransmission | mobike | policy | rekey | retransmission-timeout |
setup-timer } | keepalive | nai idr | natt [ include-header | send-keepalive ] }
authentication
Configures the default pre-shared gateway key used for authentication.
certificate
Configures the system to remove the certificate for a given crypto template.
dns-handling
Configures the system to use normal DNS handling.
dos cookie-challenge detect-dos-attack
Configures the system to disable any Denial of Service attacks.
keepalive
Enables Dead Peer Detection for all SAs derived from this crypto template.
nai idr
Sets the default NAI parameters to be used for the crypto template (IDr) to none.
natt
Enables NAT-T initiation for all SAs derived from this crypto template.
Usage
Use these commands to restore default parameters.
Example
Use the following command to disable MOBIKE by default:
default mobike