Specifications
OmniAccess Reference: AOS-W System Reference
704 Part 031652-00 May 2005
syntax
dynamic-map <dynamic-map-name> <dynamic-map-number> <no|set<pfs>
<group>|secrity-association <lifetime> <seconds> |transform-set >>
where:
<dynamic-map-name> is the name of the dynamic-map to create or modify
<dynamic-map-number> is the priority of the map. Valid range is 1 - 10000
no disables the specified command
set enables one of:
pfs enables Perfect Forward Secrecy mode for group 1 (768-bit Diffie Hellman
prime modulus group) or group2 (1024-bit Diffie Hellman prime modulus group).
security-association configures the Security Association by specifying the life-
time with a valid range of 300 to 86400 seconds.
transform-set configures a Transform Set for this dynamic map. Specify up to
four transform sets.
Example
(Alcatel6000) (config) #crypto dynamic-map PAULMAP 6655
(Alcatel6000) (config-crypto-map)#
(Alcatel6000) (config-crypto-map)# set pfs group2
(Alcatel6000) (config-crypto-map)# set security-association lifetime seconds
300
(Alcatel6000) (config-crypto-map)# set transform-set PAULTransform
PaulTransform2 trans3 tras4 ?
The following command disable dynamic-map configurations:
(Alcatel6000) (config-crypto-map)# no set pfs
(Alcatel6000) (config-crypto-map)# no set transform-set
(Alcatel6000) (config-crypto-map)# no set security-association lifetime
crypto ipsec
Configure IPSec paramters.