Allied Telesis AT-9900 用户手册
172
Enhancements to IPsec/VPN
Release Note
Software Version 2.8.1
C613-10477-00 REV B
C613-10477-00 REV B
ISAKMP will not reattempt XAUTH authentication failures (phase 1.5).
XAUTH failures indicate that either the router or switch and its peer have
different authentication details, or a third party is attempting to connect to the
router or switch. This needs to be investigated manually.
XAUTH failures indicate that either the router or switch and its peer have
different authentication details, or a third party is attempting to connect to the
router or switch. This needs to be investigated manually.
Command Changes
The following table summarises the modified commands:
VPN Tunnel Licencing
By default, the AR415S allows one VPN tunnel. Additional VPN tunnels
require a special feature licence. If you need more VPN tunnels, contact your
authorised distributor or reseller. Other products do not need a special feature
licence for more VPN tunnels.
require a special feature licence. If you need more VPN tunnels, contact your
authorised distributor or reseller. Other products do not need a special feature
licence for more VPN tunnels.
Command changes
The following table summarises the modified command.
Command
Change
New retryikeattempts parameter.
New retryikeattempts parameter.
New retryIkeAttemptsPh1 and retryIkeAttemptsPh2
parameters in output when counters is set to general.
parameters in output when counters is set to general.
New usePolIkeRetryGood and usePolIkeRetryFailed
parameters in output when counters is set to spd.
parameters in output when counters is set to spd.
New Retry IKE Attempts, Current IKE Retries, and
Required IKE Retry Phase parameters in the output when
a policy is specified.
Required IKE Retry Phase parameters in the output when
a policy is specified.
Command
Change
New output parameters