Max-retries, Mode, Max-retries -10 mode -10 – Carrier Access Adit 3000 Series and Multi-Service Router (MSR) Card none User Manual

14-10

Adit 3000 (Rel. 1.6) and MSR Card (Rel 2.0) CLI

Configuration - IPSec Mode

max-retries

Use the IPSec mode max-retries command to set a maximum number of negotiation attempts.

Syntax:

(config-ipsec {n})# max-retries

number

Example:

(config-ipsec-1)# max-retries 16

Supported Platforms:

Adit 3104, Adit 3200, Adit 3500, MSR

mode

Use the IPSec mode mode command to modify an IPSec security association mode. Note: If a router
requests tunnel mode, only tunnel mode can be negotiated between the peers. However, if transport
mode is requested, either transport or tunnel mode can be negotiated.

Syntax:

(config-ipsec {n})# mode {transport|tunnel}

Example:

(config-ipsec-1)# mode transport

Supported Platforms:

Adit 3104, Adit 3200, Adit 3500, MSR

Field

Definition

number

Valid values: 0, 1, 2, 3, 4, 8, 16, 24, 32, 48, 64. Default is 3.
0 = infinite negotiation attempts.

Field

Definition

transport

Transport Mode - only the payload of the original IP packet is
encrypted and/or authenticated. The protected inside addresses will
appear in the original IP headers.

tunnel

Tunnel Mode - The original IP packet is encrypted and/or
authenticated and is encapsulated in a new IP packet. Only the peer
outside addresses are seen, the protected inside addresses are hidden
from view. Default.