Carrier-access Adit 3000 Series and Multi-Service Router (MSR) Ca Manual de usuario descargar pdf (Pagina 339)

100

101

Adit 3000 (Rel. 1.6) and MSR Card (Rel 2.0) CLI 14-19

Configuration - IPSec Mode

session-key

Use the IPSec session-key command to specify the parameters needed during manual key exchange

(ipsec-manual).

Syntax: (config-ipsec-{n})# session-key {inbound|outbound} ah spi

authentication [md5|sha] hex-key-data

Example: (config-ipsec-1)# session-key outbound ah 256 authentication md5

0f0f0f0f0f0f0f0f0f0f0f0f0f0f0f0f0f0f0f0f

Supported Platforms:

Adit 3104, Adit 3200, Adit 3500, MSR

set-pfs

Use the IPSec set-pfs command to enable Perfect Forward Secrecy.

Syntax: (config-ipsec-{n})# set-pfs {1|2|5|phase1}

Example: (config-ipsec-1)# set-pfs phase1

Supported Platforms:

Adit 3104, Adit 3200, Adit 3500, MSR

Field Definition

inbound Set the inbound (local) IPSec key.

outbound Set the outbound (remote) IPSec key.

ah spi Set the Authentication Header Security Parameter Index. 100-FFF

md5 Set authentication to MD5.

sha Set authentication to Secure Hash Algorithm.

hex-key-data MD5 or SHA authentication key in hex. String length must be 40.

Field Definition

1 Use DH group 1 (768 bit).

2 Use DH group 2 (1024 bit).

5 Use DH group 25 (1536 bit).

phase1 Use the same settings as the Phase 1 group settings.

1 2 ... 334 335 336 337 338 339 340 341 342 343 344 ... 495 496

Comentarios a estos manuales

Sin comentarios

Carrier-access Adit 3000 Series and Multi-Service Router (MSR) Ca Manual de usuario Pagina 339

Comentarios a estos manuales

Relacionado con productos y manuales para Hardware Carrier-access Adit 3000 Series and Multi-Service Router (MSR) Ca