ManualKeyInfo 63
When you specify a key that is too short, the policy binding operation generates an error message informing you of the key length discrepancy and the key is rejected. If this should occur you will need to delete the specified key and reenter a key of the appropriate length.
Values
key_set_name | A name you assign to the key set you are adding. |
| <key_set_name> can be from 1 to 128 characters long but |
| cannot be none, NONE, all or ALL. |
encrypt_key, | An ASCII text string or a string of hexadecimal numbers. |
auth_key |
|
ManualKeyInfo
Syntax SETDefault !<portlist>
SHow !<portlist>
Description The ManualKeyInfo parameter adds manual keying information to an IPSEC policy and key set. Only one ManualKeyInfo command can be applied to each policy. To change the manual keying information after it has been applied to a policy, you must first delete the information using the NONE as the key set name, then add the new information using ADD.
The ManualKeyInfo parameter creates one or two pairs of security associations between the local router and the destination router.
Values
policy_name | A name you assigned to a policy you added using the |
| POLicy parameter. |
key_set_name | A name you assigned to a key set you added using the |
NONE | KeySet parameter. If you specify NONE, all manual key |
| information is erased. |
spi_in | A number in the range 256 to 2000. All spi_in values must |
| be unique on a system. spi_in must match the spi_out value |
| specified at the peer system at the other end of the security |
| association. |
spi_out | A number in the range 256 to 2147483647. spi_out must |
| match the spi_in value specified at the peer system at the |
| other end of the security association. |
manualPOLicy
Syntax ADD !<portlist>
<action> : AhEspXport AhXport EspXport
<filters> :list of the following values separated by commas: GRE, ICMP, OSPF,
TCP [(<src_port>,<dst_port>)...up to 16 pairs],