Filter
Top Products
Appendix A: IPSec Configuration File
121
NI Series WebConsole & Programming Guide
SpdAddTunnel
SpdAddTunnel
NAME spdAddTunnel– create a tunnel mode policy in the SPD
SYNOPSIS spdAddTunnel=pConfStr
DESCRIPTION This rule creates a tunnel mode policy in the SPD.
Rule Value:
pConfStr
A stringValue specifier formatted as follows:
protocolSelector[/destinationPort/sourcePort],
destinationAddressSelector, sourceAddressSelector,directionality,
useSelectors,keyManager,saProposalName, tunnelEndpointAddress
where:
- protocolSelector is a decValue IANA protocol number or ANY (6 for TCP or 17 for UDP).
- destinationPort is a decValue port number or ANY.
- sourcePort is a decValue port number or ANY.
- destinationAddressSelector is an address in the format:
ipAddress1[-ipAddress2 | /ipMaskPrefix].
- sourceAddressSelector is an address in the format:
ipAddress1[-ipAddress2 | /ipMaskPrefix].
- directionality is IN (for inbound) or OUT (for outbound). If IN, this policy applies to traffic
coming into the current host. If OUT, it applies to traffic going out of the current host. A mir-
rored policy is automatically created for the opposite traffic flow.
- useSelectors is PACKET (use packet selectors) or POLICY (use policy selectors).
- keyManager is MANUAL (manual negotiation) or IKE (key negotiation).
- saProposalName is an SA proposal name.
- tunnelEndpointAddress is the remote gateway. You must specify a single valid IPv4 or IPv6
host address. You cannot specify multiple endpoints.
EXAMPLES IPv4:
spdAddTunnel=ANY,0.0.0.0/0,10.8.30.30,OUT,POLICY,MANUAL,
qm_sa_default,10.9.9.180
IPv6:
spdAddTunnel=ANY,::/0,3ffe:4::1,OUT,POLICY,MANUAL,qm_sa_default,
3ffe:1::2
Config String
Format
protocolSelector[/destinationPort/sorucePort],
destinationAddressSelector,sourceAddressSelector,directionality,
useSelector,keyManager,saProposalName,tunnelEndpointAddress