Ipsec phase2, Command syntax pattern, 271 ipsec phase2 – Fortinet 100A User Manual
Page 271: Ipsec phase2 command keywords and variables
VPN
ipsec phase2
FortiGate-100A Administration Guide
01-28007-0068-20041203
271
ipsec phase2
Use the config vpn ipsec phase2 CLI command to add or edit an IPSec VPN
phase 2 configuration.
Command syntax pattern
config vpn ipsec phase2
edit <name_str>
set <keyword> <variable>
end
config vpn ipsec phase2
edit <name_str>
unset <keyword>
end
config vpn ipsec phase2
delete <name_str>
end
get vpn ipsec phase2 [<name_str>]
show vpn ipsec phase2 [<name_str>]
ipsec phase2 command keywords and variables
Keywords and variables
Description
Default
Availability
bindtoif
<interface-name_str>
Bind the tunnel to the specified
network interface. Type the name of
the local FortiGate interface.
No
default.
All models.
dstaddr <name_str>
Enter the name of the firewall
destination IP address that
corresponds to the
recipient or
network behind the remote VPN
peer.
You must create the firewall
address before you can select it here.
firewall policies for IPSec VPN
.
No
default.
All models.
selector
must be set
to
specify.
dstport
<port_integer>
Enter the port number that the remote
VPN peer uses to transport traffic
related to the specified service (see
protocol). The dstport range is 1
to 65535. To specify all ports, type 0.
No
default.
All models.
selector
must be set
to
specify.
protocol
<protocol_integer>
Enter the IP protocol number for the
service. The protocol range is 1 to
255. To specify all services, type 0.
No
default.
All models.
selector
must be set
to
specify.