User guide
124 Chapter 4. Configuring Special Features
IKE Peer Commands
The IKE peer commands establish the identity of the local and remote peers.
ike peers add <PeerName>
Defines the name of a new IKE peer.
ike peers delete <PeerName>
Deletes an existing IKE peer.
ike peers list
Lists the IKE peers.
The following commands define the peer connection.
ike peers set mode <MAIN | AGGRESSIVE> <PeerName>
Sets the peer connection to either main or aggressive mode. Main mode is used when the IP addresses of
both ends are known. Aggressive mode is used when the address of one end can change, as with a typical
modem or DSL connection.
For a main mode connection, set only the IP address and the secret:
ike peers set address <IPaddress> <PeerName>
Sets the IP address of the other endpoint. In a main mode configuration, the other endpoint is constant.
ike peers set secret <secret> <PeerName>
Sets the shared secret for the peer. The secret must be identical for both ends. It can be up to 256
characters long; do not use spaces or non-printable characters.
For an aggressive mode connection, you must set the IP address and secret and several more options.
ike peers set address <IPaddress> <PeerName>
Sets the IP address of the other endpoint. One end, the gateway, has a fixed IP address. The other end, the
client, has a changing address. When configuring the client, set the peer IP address to the gateway's fixed
address. When configuring the gateway for aggressive mode, set the IP address to 0.0.0.0.
ike peers set secret <secret> <PeerName>
Sets the shared secret for the peer. The secret must be identical for both ends. It can be up to 256
characters long; do not use spaces or non-printable characters.
ike peers set localid <AggressiveModeID> <PeerName>
Sets the local ID. This must match the peer ID on the other end.
ike peers set localidtype <IPADDR | DOMAINNAME | EMAIL> <PeerName>
Sets the type of the local ID (IP address, domain name, or e-mail address). This must match the peer ID
type on the other end.
ike peers set peerid <AggressiveModeID> <PeerName>
Sets the peer ID. This must match the local ID on the other end.
ike peers set peeridtype <IPADDR | DOMAINNAME | EMAIL> <PeerName>
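The matching rules above (identical secret, gateway address 0.0.0.0, each end's local ID and ID type mirrored by the other end's peer ID and ID type) can be checked before the commands are entered. The following Python sketch is an added example, not part of this guide or the product; the helper names parse and check_pair, the peer names, the addresses, and the secret are constructed for illustration, and it assumes each end's commands are available as plain text.

```python
# Constructed sample configurations (not from the guide), one per end of the tunnel.
GATEWAY = """\
ike peers set mode AGGRESSIVE branch
ike peers set address 0.0.0.0 branch
ike peers set secret Xq7-constructed-example branch
ike peers set localid gw.example.com branch
ike peers set localidtype DOMAINNAME branch
ike peers set peerid client@example.com branch
ike peers set peeridtype EMAIL branch
"""
CLIENT = """\
ike peers set mode AGGRESSIVE hq
ike peers set address 192.0.2.10 hq
ike peers set secret Xq7-constructed-example hq
ike peers set localid client@example.com hq
ike peers set localidtype EMAIL hq
ike peers set peerid gw.example.com hq
ike peers set peeridtype DOMAINNAME hq
"""

def parse(text):
    """Map option -> value from 'ike peers set <option> <value> <PeerName>' lines."""
    cfg = {}
    for line in text.splitlines():
        words = line.split()
        if words[:3] == ["ike", "peers", "set"] and len(words) >= 6:
            cfg[words[3]] = " ".join(words[4:-1])  # keeps a secret with spaces whole
    return cfg

def check_pair(gateway, client):
    """Return violations of the matching rules the guide states (empty list = OK)."""
    problems = []
    ends = (("gateway", gateway, "client", client), ("client", client, "gateway", gateway))
    for name, cfg, _, _ in ends:
        s = cfg.get("secret", "")
        if not s or len(s) > 256 or " " in s or not s.isprintable():
            problems.append(f"{name}: secret unset, over 256 chars, or has spaces/non-printables")
    if gateway.get("secret") != client.get("secret"):
        problems.append("secret differs between the two ends")
    if gateway.get("mode") == "AGGRESSIVE":
        if gateway.get("address") != "0.0.0.0":
            problems.append("gateway: aggressive-mode peer address must be 0.0.0.0")
        for a, b in (("localid", "peerid"), ("localidtype", "peeridtype")):
            for xn, x, yn, y in ends:
                if a not in x or x[a] != y.get(b):
                    problems.append(f"{xn} {a} is unset or does not match {yn} {b}")
    return problems
if __name__ == "__main__":
    print(check_pair(parse(GATEWAY), parse(CLIENT)) or "pair is consistent")
```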