IKE Kryptoprofil
set network ike crypto-profiles ike-crypto-profiles MEINTUNNEL hash sha256 set network ike crypto-profiles ike-crypto-profiles MEINTUNNEL dh-group group5 set network ike crypto-profiles ike-crypto-profiles MEINTUNNEL encryption aes-256-cbc set network ike crypto-profiles ike-crypto-profiles MEINTUNNEL lifetime hours 8
IP-Sec Kryptoprofil
set network ike crypto-profiles ipsec-crypto-profiles MEINTUNNEL esp authentication sha256 set network ike crypto-profiles ipsec-crypto-profiles MEINTUNNEL esp encryption aes-256-cbc set network ike crypto-profiles ipsec-crypto-profiles MEINTUNNEL lifetime hours 1 set network ike crypto-profiles ipsec-crypto-profiles MEINTUNNEL dh-group group5
IKE Gateway
set network ike gateway MEINTUNNEL authentication pre-shared-key key -XXXXXXXXuS7EV+qk= set network ike gateway MEINTUNNEL protocol ikev1 dpd enable yes set network ike gateway MEINTUNNEL protocol ikev1 ike-crypto-profile MEINTUNNEL set network ike gateway MEINTUNNEL protocol ikev1 exchange-mode main set network ike gateway MEINTUNNEL protocol ikev2 dpd enable yes set network ike gateway MEINTUNNEL protocol-common nat-traversal enable yes set network ike gateway MEINTUNNEL protocol-common fragmentation enable no set network ike gateway MEINTUNNEL local-address interface ae1.306 set network ike gateway MEINTUNNEL local-address ip 11.11.11.11/27 set network ike gateway MEINTUNNEL peer-address ip 12.12.12.12
IP-Sec Tunnel
set network tunnel ipsec MEINTUNNEL auto-key ike-gateway MEINTUNNEL set network tunnel ipsec MEINTUNNEL auto-key ipsec-crypto-profile MEINTUNNEL set network tunnel ipsec MEINTUNNEL auto-key proxy-id PXYID1 protocol any set network tunnel ipsec MEINTUNNEL auto-key proxy-id PXYID1 local 0.0.0.0/0 set network tunnel ipsec MEINTUNNEL auto-key proxy-id PXYID1 remote 0.0.0.0/0 set network tunnel ipsec MEINTUNNEL tunnel-monitor enable yes set network tunnel ipsec MEINTUNNEL tunnel-monitor destination-ip 10.10.10.100 set network tunnel ipsec MEINTUNNEL tunnel-monitor tunnel-monitor-profile DEFAULT set network tunnel ipsec MEINTUNNEL tunnel-interface tunnel.10 set network tunnel ipsec MEINTUNNEL anti-replay no