Manualshelf

User guide

ManualsBrandsEfficient Networks ManualsComputer equipmentRouter family Command line interface
131132133134135136137138139140
132 Chapter 4. Configuring Special Features
ike peers set address 192.168.17.200 home_peer
ike peers set secret ThisIsASecret12345;) home_peer
ike peers set peeridtype ipaddr home_peer
ike peers set peerid 192.168.17.200 home_peer
ike peers set localidtype domainname home_peer
ike peers set localid branchoffice.big.com home_peer
IPSec Commands
The following commands allow you to define an IPSec connection without IKE.
Note: If you define a tunnel using IPSec commands, the keys will remain static. This could pose a security risk
and is not recommended. Use of IKE for key management is recommended.
ipsec flush Clears all IPSec definitions.
ipsec add <SAname> Defines an SA name.
ipsec del <SAname> Deletes an existing SA.
ipsec list [<SAname>] Lists one or all SA entries.
ipsec enable <SAname> Enables a defined SA entry.
ipsec disable <SAname> Disables a defined SA entry.
The following commands define parameters for the specified Security Association (SA).
ipsec set mode <TUNNEL | TRANSPORT> <SAname>
Requests the encapsulation mode (tunnel or transport) for the SA. The default is tunnel mode.
ipsec set direction <INBOUND | OUTBOUND> <SAname>
Defines the direction of the SA.
ipsec set gateway <IPaddress> <SAname>
Defines the IP address of the gateway.
ipsec set encryption <NULL | DES-CBC | 3DES> <SAname>
Selects no encryption, DES (56-bit) encryption or 3DES (168-bit) encryption.
ipsec set authentication <SHA1 | MD5> <SAname>
Selects authentication using either SHA-1 (Secure Hashing Algorithm 1) or MD5 (Message Digest 5)
ipsec set enckey <key> <SAname>
Specifies the encryption key (in hexadecimal, 64 bits for DES or 192 bits for 3DES).
ipsec set authkey <key> <SAname>