Palo Alto

user@PAC1(active)> show vpn flow total tunnels configured:                                     18 filter – type IPSec, state any total IPSec tunnel configured:                                18 total IPSec tunnel shown:                                     18 id    name                          state   monitor local-ip                      peer-ip                       tunnel-i/f —    —-                          —–   ——- ——–                      ——-                       ———- 21    T029_TDM_AL:PXYID1            active  off     185.9.110.39                  0.0.0.0                       tunnel.29 22    T244_LTE1:PXYID1              active  up      185.9.110.39                  0.0.0.0                       tunnel.244 23    T004_PH_AR:PXYID1             active  up      185.9.110.39                  193.158.105.154               tunnel.4 24    T005_PH_KA:PXYID1             init    down    185.9.110.39                  62.156.183.234                tunnel.5 25    T214_PH_EB:PXYID1             init    down    185.9.110.39                  62.225.35.114                 tunnel.214 26    T206_PH_GR:PXYID1             init    down    185.9.110.39                  62.156.183.226                tunnel.206 27    T151_PH_HE:PXYID1             init    down    185.9.110.39                  62.153.210.18                 tunnel.151 28    T003_PH_IL:PXYID1             init    down    185.9.110.39                  195.243.128.170               tunnel.3   user@PAC1(active)> show vpn flow tunnel-id 23 tunnel  T004_PH_AR:PXYID1 id:                     23 type:                   IPSec gateway id:             14 local ip:               185.9.110.39 peer ip:                193.158.105.154 inner interface:        tunnel.4 outer …

weiterlesen ….

IKE Kryptoprofil set network ike crypto-profiles ike-crypto-profiles MEINTUNNEL hash sha256 set network ike crypto-profiles ike-crypto-profiles MEINTUNNEL dh-group group5 set network ike crypto-profiles ike-crypto-profiles MEINTUNNEL encryption aes-256-cbc set network ike crypto-profiles ike-crypto-profiles MEINTUNNEL lifetime hours 8 IP-Sec Kryptoprofil set network ike crypto-profiles ipsec-crypto-profiles MEINTUNNEL esp authentication sha256 set network ike crypto-profiles ipsec-crypto-profiles MEINTUNNEL esp encryption aes-256-cbc set network ike crypto-profiles ipsec-crypto-profiles MEINTUNNEL lifetime hours 1 set network ike crypto-profiles ipsec-crypto-profiles MEINTUNNEL dh-group group5 IKE Gateway set network ike gateway MEINTUNNEL authentication pre-shared-key key -XXXXXXXXuS7EV+qk= set network ike gateway MEINTUNNEL protocol ikev1 dpd enable yes set network ike gateway MEINTUNNEL protocol ikev1 ike-crypto-profile MEINTUNNEL set network ike gateway MEINTUNNEL protocol ikev1 exchange-mode main set network ike gateway MEINTUNNEL protocol ikev2 dpd enable …

weiterlesen ….