Manualshelf

Specifications

ManualsBrandsEfficient Networks ManualsComputer equipmentRouter family Command line interface
131132133134135136137138139140
140 Chapter 5. Configuring Software Options
Sets the IP address of the other endpoint. One end, the gateway, has a fixed IP address. The other end, the
client, has a changing address. When configuring the client, set the peer IP address to the gatewayƕs fixed
address. When configuring the gateway for aggressive mode, set the IP address to 0.0.0.0.
ike peers set secret <secret> <PeerName>
Sets the shared secret for the peer. The secret must be identical for both ends.It can be up to 256
characters long; do not use spaces or non-printable characters.
ike peers set localid <AggressiveModeID> <PeerName>
Sets the local ID. This must match the peer ID on the other end.
ike peers set localidtype <IPADDR | DOMAINNAME | EMAIL> <PeerName>
Sets the type of the local ID (IP address, domain name, or e-mail address). This must match the peer ID
type on the other end.
ike peers set peerid <AggressiveModeID> <PeerName>
Sets the peer ID. This must match the local ID on the other end.
ike peers set peeridtype <IPADDR | DOMAINNAME | EMAIL> <PeerName>
Sets the type of the peer ID (IP address, domain name, or e-mail address).This must match the local ID
type on the other end.
IKE Proposal Commands
The IKE proposal commands define the proposals exchanged during the Phase 1 SA.
ike proposals add <ProposalName> Defines the name of a new IKE proposal.
ike proposals delete <ProposalName> Deletes an existing IKE proposal.
ike proposals list Lists the IKE proposals.
The following commands specify the contents of the proposals exchanged.
ike proposals set session_auth <PRESHARE> <ProposalName>
Proposes the session authentication; preshared key is currently the only option.
ike proposals set encryption <DES | 3DES> <ProposalName>
Proposes the encryption method used, as follows:
DES Encryption using a 56-bit key.
3DES Encryption using three 56-bit keys, thus, producing 168-bit encryption.
ike proposals set message_auth <NONE | MD5 | SHA1> <ProposalName>
Proposes the message authentication performed. It can propose no message authentication or
authentication using the hash algorithm Message Digest 5 (MD5) or Secure Hash Algorithm-1 (SHA1).