Configuration manual
284 Appendix G Command Interpreter
NN47923-501
chk_conn. <0~255>
Sets the idle timeout for IPSec
connections. The system disconnects an
IPSec connection with no traffic for the
timeout period. The interval is in minutes
(2 default) and 0 means the connection
never times out.
dpdTime <minutes>
Sets the idle timeout for IPSec
connections where the Business Secure
Router is waiting for a response from the
peer.
update_peer <0~255>
Sets the autotimer for updating IPSec
rules that use a domain name as the
secure gateway IP address. The interval
is in minutes (30 default) and 0 means it
never updates.
chk_input <0~255>
Adjusts autotimer to check if any inbound
IPsec traffic has passed during the
specified period. If not, the Business
Secure Router disconnects the tunnel.
show_runtime sa
Displays runtime phase 1 and phase 2
SA information.
spd
When a dynamic rule accepts a request
and a tunnel is established, a runtime
SPD is created according to the peer’s
local IP address. This command displays
these runtime SPDs.
updatePeerIp
Forces the system to immediately update
IPSec rules that use a domain name as
the secure gateway IP address.
display <rule index>
Displays the specified IPSec rule.
policyDisplay <rule index>
Displays the specified IPSec rule’s IP
policies.
dial <rule index> <policy index>
Triggers the specified phase two
connection.
route lan <on|off>
After IPSec processes a packet and
sends it to the LAN side, this switch
controls whether or not IPSec can be
applied to the packet again.
wan <on|off>
After IPSec processes a packet and
sends it to the WAN side, this switch
controls whether or not IPSec can be
applied to the packet again.
Table 68 IPSec commands
Command Description