CLI Guide - WatchGuard Technologies
CLI Guide - WatchGuard Technologies CLI Guide - WatchGuard Technologies
CHAPTER 3: Configuration Mode Commands preceding arguments, the following values are options you can apply: Option Description g1 and g2 the two Diffie-Hellman group options. des|3des represent two encryption algorithm options. md5|sha represent two other encryption algorithm options. Lifetimeminutes/hours represent a key lifetime setting, measured in time. Lifesize-KB/MB represent a key lifetime, measured in kilo- or megabytes. Example WG(config-ike)#action my_act -main \ (line break) –rsa {g2 3des md5 10hr 100MB} {g1 des sha 45min} \ –dss {g2 3des sha 8hr} policy command (configure IKE level) WG#config WG(config)#ike WG(config-ike)#policy \ -action \ -peer \ [-local {} [-preshared ] \ [-position ] Effect Records a new IKE policy, including actions. 80 WatchGuard Vclass 5.1
Second level configuration mode commands Arguments This argument records a brief, descriptive name for this policy. < * |peer_address> This argument notes either “any” (indicated by *) or the address group representing the peer appliance(s). -action This argument notes the name of the IKE action used by this policy. -peer | -address &| - domain \ &| -user_domain &| -X.500 \ 0] This argument specifies the means of identifying the peer appliance from these five options. You can enter “any” as the sole option or combine any of these options (and values) in this argument: Option Description represents an address group used as peer ID type. represents a domain name as the peer ID type. represents a user domain name as the peer ID type. represents X.500 as the peer ID type. [-local { This optional argument specifies which ID }] for -peer, as noted above. [-preshared This optional argument records the text of WatchGuard Command Line Interface Guide 81
- Page 43 and 44: Administration mode commands 4 Clic
- Page 45 and 46: Administration mode commands #ex: e
- Page 47 and 48: crl command Administration mode com
- Page 49 and 50: Administration mode commands Merge
- Page 51 and 52: Administration mode commands Proces
- Page 53 and 54: Administration mode commands Shuts
- Page 55 and 56: CHAPTER 3 Configuration Mode Comman
- Page 57 and 58: abort command Top-level configurati
- Page 59 and 60: certificate command Top-level confi
- Page 61 and 62: Top-level configuration mode comman
- Page 63 and 64: interface command Top-level configu
- Page 65 and 66: Arguments None Example WG#config WG
- Page 67 and 68: [no] traffic command (log level) WG
- Page 69 and 70: Top-level configuration mode comman
- Page 71 and 72: Top-level configuration mode comman
- Page 73 and 74: Top-level configuration mode comman
- Page 75 and 76: as command Top-level configuration
- Page 77 and 78: Top-level configuration mode comman
- Page 79 and 80: Top-level configuration mode comman
- Page 81 and 82: Second level configuration mode com
- Page 83 and 84: Second level configuration mode com
- Page 85 and 86: Second level configuration mode com
- Page 87 and 88: Example Second level configuration
- Page 89 and 90: Second level configuration mode com
- Page 91 and 92: Second level configuration mode com
- Page 93: Second level configuration mode com
- Page 97 and 98: Second level configuration mode com
- Page 99 and 100: Second level configuration mode com
- Page 101 and 102: Second level configuration mode com
- Page 103 and 104: Second level configuration mode com
- Page 105 and 106: Arguments Second level configurati
- Page 107 and 108: Second level configuration mode com
- Page 109 and 110: Second level configuration mode com
- Page 111 and 112: Second level configuration mode com
- Page 113 and 114: Second level configuration mode com
- Page 115 and 116: Second level configuration mode com
- Page 117 and 118: Second level configuration mode com
- Page 119 and 120: Second level configuration mode com
- Page 121 and 122: Second level configuration mode com
- Page 123 and 124: Second level configuration mode com
- Page 125 and 126: Second level configuration mode com
- Page 127 and 128: Second level configuration mode com
- Page 129 and 130: Second level configuration mode com
- Page 131 and 132: Second level configuration mode com
- Page 133 and 134: Second level configuration mode com
- Page 135 and 136: Second level configuration mode com
- Page 137 and 138: Level 3 configuration mode commands
- Page 139 and 140: Level 3 configuration mode commands
- Page 141 and 142: CHAPTER 4 Debug Mode Commands All W
- Page 143 and 144: arp command Debugging/troubleshooti
CHAPTER 3: Configuration Mode Commands<br />
preceding arguments, the following values are<br />
options you can apply:<br />
Option Description<br />
g1 and g2 the two Diffie-Hellman group options.<br />
des|3des represent two encryption algorithm options.<br />
md5|sha represent two other encryption algorithm options.<br />
Lifetimeminutes/hours<br />
represent a key lifetime setting, measured in time.<br />
Lifesize-KB/MB represent a key lifetime, measured in kilo- or<br />
megabytes.<br />
Example<br />
WG(config-ike)#action my_act -main \<br />
(line break)<br />
–rsa {g2 3des md5 10hr 100MB} {g1 des<br />
sha 45min} \<br />
–dss {g2 3des sha 8hr}<br />
policy command (configure IKE level)<br />
WG#config<br />
WG(config)#ike <br />
WG(config-ike)#policy \<br />
-action<br />
\<br />
-peer \<br />
[-local<br />
{} [-preshared ]<br />
\<br />
[-position ]<br />
Effect<br />
Records a new IKE policy, including actions.<br />
80 <strong>WatchGuard</strong> Vclass 5.1