Description
This type lets you set up an IPsec tunnel to Microsoft Azure (IKEv2 tunnel with AES, AES-GCM, SHA-2, DH group 2, 14, 19, 20
(ECP256/384) and forward secrecy). Please note that the DH group 2 is considered insecure and shouldn't be used. Group 2 is
however the default and only DH group set by default in Azure. It's recommended that you configure Azure to use the more secure
DH group 14.
Properties
- Name
- Specifies a symbolic name for the interface. (Identifier)
- LocalNetwork
- The network on local side of the IPsec tunnel. The IPsec tunnel will be established between this network and the remote network.
- RemoteNetwork
- The network connected to the remote gateway. The IPsec tunnel will be established between the local network and this network.
- PSK
- Selects the Pre-shared key to use with this IPsec Tunnel.
- RemoteEndpoint
- Specifies the IP address of the remote endpoint. This is the address the firewall will establish the IPsec tunnel to. It also
dictates from where inbound IPsec tunnels are allowed.
- AutoInterfaceNetworkRoute
- Automatically add a route for this interface using the given remote network. (Default: Yes)
- SNMPIndex
- Interface index assigned by the system when persistent interface indexes are enabled. (Default: 0)
- Attribute
- Special Attribute of the current object. (Optional)
- MemberOfRoutingTable
- All or Specific. (Default: All)
- RoutingTable
- Specifies the PBR table to insert the interface IP route into. It also means that the specified routing table will be used
for all routing lookups, unless overridden by a PBR rule. (Default: main)
- Zone
- (Optional) Specifies the Zone that this interface is a member of. (Optional)
- Comments
- Text describing the current object. (Optional)
cOS Core 15.00.01 CLI Reference Guide
