Product specifications

Efficient Networks
®
Router family
Technical Reference Guide
Chapter 5: System Security
Efficient Networks
®
Page 5-57
The following commands define the peer connection.
-> ike peers set mode <main | aggressive> <peername>
Sets the peer connection to either main or aggressive mode. Main mode is used when
the IP addresses of both ends are known. Aggressive mode is used when the
address of one end can change, as with a typical modem or DSL connection.
For a main mode connection, set only the IP address and the secret:
-> ike peers set address <ipaddress> <peername>
Sets the IP address of the other endpoint. In a main mode configuration, the other
endpoint is constant.
-> ike peers set secret <secret> <peername>
Sets the shared secret for the peer. The secret must be identical for both ends. It can
be up to 256 characters long; do not use spaces or non-printable characters.
For an aggressive mode connection, you must set the IP address and secret and
several more options.
-> ike peers set address <ipaddress> <peername>
Sets the IP address of the other endpoint. One end, the gateway, has a fixed IP
address. The other end, the client, has a changing address. When configuring the
client, set the peer IP address to the gateways fixed address. When configuring the
gateway for aggressive mode, set the IP address to 0.0.0.0.
-> ike peers set secret <secret> <peerpame>
Sets the shared secret for the peer. The secret must be identical for both ends.It can
be up to 256 characters long; do not use spaces or non-printable characters.
-> ike peers set localidtype <IPADDR | DOMAINNAME | EMAIL>
<peerpame>
Sets the type of the local ID (IP address, domain name, or e-mail address). This must
match the peer ID type on the other end.
-> ike peers set localid <aggressivemodeid> <peername>
Sets the local ID. This must match the peer ID on the other end.
-> ike peers set peerid <aggressivemodeid> <peername>
Sets the peer ID. This must match the local ID on the other end.
-> ike peers set peeridtype <ipaddr | domainname | email>
<peername>
Sets the type of the peer ID (IP address, domain name, or e-mail address).This must
match the local ID type on the other end.