Mobile IPv4 Administrator's Guide
mipconfig and miproconfig
miproconfig Command Reference
Chapter 9
154
configure ha
Use the configure ha command to configure security information about Home Agents.
The security information must match the security information configured about the local
node on the Home Agent using the mipconfig configure node command.
NOTE If the Home Agent is multi-homed (it has multiple IP addresses), you must configure
security information for each IP addresson theHome Agent by repeating the configure
ha command for each address. Each instance of the command for the same Home Agent
must have the same security parameters (SPI, security algorithm and key).
Syntax
c[onfigure] h[a] [
ip_addr
] [-spi
spi
] [-algo
algorithm
]
[-key
key
| random]
Parameters
ip_addr
IP address of the Home Agent.
Acceptable Values: IP address in dotted-decimal notation.
miproconfig Default: None. If you do not specify a value,
miprpconfig will operate in novice mode.
miprod Default: None.
spi
Security Parameters Index (SPI) that identifies the Security
Association (SA) between the miprod daemon on the local system and
the mipd daemon on the Home Agent. This must match the SPI
configured on the Home Agent.
Acceptable Values: 256 - 2147483647 (integer).
miproconfig Default: None. You must specify a value.
miprod Default: None.
algorithm
Security algorithm miprod uses to authenticate messages from the
Home Agent. This must match the algorithm configured on the Home
Agent.
Keyed MD5 is considered vulnerable to attack by the cryptographic
community. HP recommends that you use HMAC-MD5.
Acceptable Values: md5 or hmac-md5.
miproconfig Default: hmac-md5
miprod Default: None.
key
128-bit security key miprod uses to authenticate messages from the
Home Agent. Ideally, each entry should have a distinct key. This key
must match the key configured on the Home Agent.
Acceptable Values: 128 bits, entered as a series of 16, two-digit
hexadecimal values,separated by spaces.Alternatively, you can specify
random and miproconfig will generate a key for you and display it on
stdout.