Fortinet 100A Router User Manual


 
VPN ipsec phase2
FortiGate-100A Administration Guide 01-28007-0068-20041203 271
ipsec phase2
Use the config vpn ipsec phase2 CLI command to add or edit an IPSec VPN
phase 2 configuration.
Command syntax pattern
config vpn ipsec phase2
    edit <name_str>
        set <keyword> <variable>
end

config vpn ipsec phase2
    edit <name_str>
        unset <keyword>
end

config vpn ipsec phase2
    delete <name_str>
end

get vpn ipsec phase2 [<name_str>]
show vpn ipsec phase2 [<name_str>]
ipsec phase2 command keywords and variables

| Keywords and variables | Description | Default | Availability |
|---|---|---|---|
| bindtoif <interface-name_str> | Bind the tunnel to the specified network interface. Type the name of the local FortiGate interface. | No default. | All models. |
| dstaddr <name_str> | Enter the name of the firewall destination IP address that corresponds to the recipient or network behind the remote VPN peer. You must create the firewall address before you can select it here. For more information, see “Adding firewall policies for IPSec VPN tunnels” on page 266. | No default. | All models. selector must be set to specify. |
| dstport <port_integer> | Enter the port number that the remote VPN peer uses to transport traffic related to the specified service (see protocol). The dstport range is 1 to 65535. To specify all ports, type 0. | No default. | All models. selector must be set to specify. |
| protocol <protocol_integer> | Enter the IP protocol number for the service. The protocol range is 1 to 255. To specify all services, type 0. | No default. | All models. selector must be set to specify. |
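
The constraints in the table above can be checked mechanically when reviewing saved phase 2 entries. The following is an added example, not part of the Fortinet manual: it parses text in the command syntax pattern shown earlier and reports selector keywords used without selector set to specify, out-of-range values, and 0 ("all") values. The tunnel and address names are hypothetical, and the `set selector specify` line is an assumption inferred from the Availability column.

```python
RANGES = {"dstport": (0, 65535), "protocol": (0, 255)}  # 0 means "all" per the table
NEEDS_SPECIFY = {"dstaddr", "dstport", "protocol"}      # per the Availability column

def parse_phase2(text):
    """Map each `edit <name_str>` entry to its {keyword: value} pairs."""
    tunnels, current = {}, None
    for line in text.splitlines():
        words = line.split()
        if len(words) >= 2 and words[0] == "edit":
            current = tunnels.setdefault(words[1].strip('"'), {})
        elif len(words) >= 3 and words[0] == "set" and current is not None:
            current[words[1]] = " ".join(words[2:]).strip('"')
        elif words[:1] == ["end"]:
            current = None  # later lines belong to another config section
    return tunnels

def audit_phase2(text):
    """Return (tunnel, finding) pairs for selector misuse, bad ranges and match-all values."""
    findings = []
    for name, kw in parse_phase2(text).items():
        if kw.get("selector") != "specify":
            for key in sorted(kw.keys() & NEEDS_SPECIFY):
                findings.append((name, f"{key} requires selector specify"))
        for key in sorted(kw.keys() & RANGES.keys()):
            value, (lo, hi) = kw[key], RANGES[key]
            if not value.isdecimal() or not lo <= int(value) <= hi:
                findings.append((name, f"{key} {value} is outside {lo}-{hi}"))
            elif int(value) == 0:
                findings.append((name, f"{key} 0 matches everything"))
    return findings

# Constructed sample; names are hypothetical, `set selector specify` is an assumption.
SAMPLE = """\
config vpn ipsec phase2
edit branch_a
set selector specify
set protocol 6
set dstport 443
end
config vpn ipsec phase2
edit branch_b
set dstaddr Branch_B_LAN
set protocol 0
set dstport 70000
end
"""

if __name__ == "__main__":
    print(*audit_phase2(SAMPLE), sep="\n")
```

Entries flagged as matching everything are valid configuration; they are reported so a reviewer can confirm the tunnel is meant to carry all ports or all services.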