El que tu no sepas hacerlo, no quiere decir que los demas no sepamos.
CG3100D/NonVol/VPN NonVol> enable VPN Enabled = 1
CG3100D/NonVol/VPN NonVol> add_empty_tunnel
Added tunnel entry with zero based index 0
CG3100D/NonVol/VPN NonVol> change_tunnel 0
Tunnel name: () []
Enabled: (true|false) [false]
Local secure group address type: (subnet|range) [subnet]
Local start IP address: () [0.0.0.0]
Local end IP address: () [0.0.0.0]
Local subnet: () [0.0.0.0]
Local subnet mask: () [255.255.255.0]
Remote secure group address type: (subnet|range) [subnet]
Remote start IP address: () [0.0.0.0]
Remote end IP address: () [0.0.0.0]
Remote subnet: () [0.0.0.0]
Remote subnet mask: () [255.255.255.0]
Remote security gateway address type: (ip|fqdn|any) [ip]
Remote security gateway IP address: () [0.0.0.0]
Remote security gateway FQDN: () []
Local Identity FQDN: () []
Remote Identity FQDN: () []
Encryption method: (none|des|3des|AES-128|AES-192|AES-256) [des]
Authentication method: (none|md5|sha) [md5]
Key management method: (ike|manual) [ike]
Enable perfect forward secrecy: (true|false) [false]
IKE pre-shared key string: () [EnterAKey]
IKE key lifetime (seconds): (0..4294967295) [3600 (0xe10)]
IKE key lifetime (kilobytes): (0..4294967295) [0 (0x0)]
Manual encryption key string: () []
Manual authentication key string: () []
Inbound SPI: (0..4294967295) [0 (0x0)]
Outbound SPI: (0..4294967295) [0 (0x0)]
Phase1 Encryption method: (none|des|3des|AES-128|AES-192|AES-256) [des]
Phase1 Authentication method: (none|md5|sha) [md5]
Phase1 PFS Diffe-Hellman group: (1..5) [0 (0x0)]
Phase1 IKE key lifetime (seconds): (0..4294967295) [28800 (0x7080)]
NOTE: You must write the settings and reboot for this change to take effect!