net ipsec ike-daemon
net ipsec ike-daemon(1) BIG-IP TMSH Manual net ipsec ike-daemon(1)
NAME
ike-daemon - Configures the Internet Key Exchange (ISAKMP) daemon.
MODULE
net ipsec
SYNTAX
Configure the ike-daemon component within the net ipsec module using
the syntax in the following sections.
MODIFY
modify ike-daemon
options:
description [string]
isakmp-natt-port [port number]
isakmp-port [port number]
log-level [error|warning|notify|info|debug|debug2]
natt-keep-alive [seconds]
log-publisher [string]
DISPLAY
list
list ike-daemon
show running-config ike-daemon
options:
all-properties
non-default-properties
one-line
DESCRIPTION
You can use the ike-daemon component to configure global settings for
the IKE agent.
EXAMPLES
modify ike-daemon isakmp-port 500
Sets the isakmp port to 500.
OPTIONS
description
User defined description.
isakmp-natt-port
Specifies the port that the IKE daemon uses to accept ISAKMP
messages when NAT-Traversal is detected. This is also the port
number used to accept UDP-encapsulated ESP traffic for NAT-
Traversal. Only 4500 is currently supported.
isakmp-port
Specifies the port that the IKE daemon uses to accept ISAKMP
messages. Only 500 is currently supported.
log-level
Specifies the logging level of the IKE daemon. The log file is
located at /var/log/racoon.log.
natt-keep-alive
Specifies the interval between sending NAT-Traversal keep-alive
packets. The default value is 20 seconds. Set to 0 to disable
keep-alive packets.
log-publisher
Specifies the logging publisher. A new log-publisher object can be
created via TMSH command tmsh create sys log-config publisher.
SEE ALSO
list, net ipsec ike-peer, tmsh
COPYRIGHT
No part of this program may be reproduced or transmitted in any form or
by any means, electronic or mechanical, including photocopying,
recording, or information storage and retrieval systems, for any
purpose other than the purchaser's personal use, without the express
written permission of F5 Networks, Inc.
F5 Networks and BIG-IP (c) Copyright 2011-2012. All rights reserved.
BIG-IP 2017-05-26 net ipsec ike-daemon(1)