Configuration - IPSec Mode

aggressive-mode

Use the IPSec aggressive-modecommand to set to aggressive mode, instead of main mode. To set to main mode, see no aggressive-modecommand on page 14-12.

Syntax: (config-ipsec {n})# aggressive-mode

Example: (config-ipsec-1)# aggressive-mode

Supported Platforms: Adit 3104, Adit 3200, Adit 3500, MSR

authentication

Use the IPSec authentication command to specify a peer authentication method.

Syntax: (config-ipsec {n})# authentication {pre-share shared-keyrsa-sig

rsa-signaturecertlocal-id peer-id}

Field

Definition

pre-shared

Specifies preshared keys as the authentication method.

 

shared-key- Enter the Pre-share key.

 

 

rsa-sig

Specifies RSA signatures as the authentication method.

 

rsa-signature- Enter the RSA signature.

 

 

cert

Set Certificate for local ID and Peer ID.

 

local-id- Enter the local ID.

 

peer-id- Enter the peer ID.

 

 

Example: (config-ipsec-1)# authentication pre-share mysecret

Supported Platforms: Adit 3104, Adit 3200, Adit 3500, MSR

description

Use the IPSec description command to enter a description for the connection.

Syntax: (config-ipsec {n})# description description

Field

Definition

description

Enter a description, with a maximum of 64 characters.

 

 

Example: (config-ipsec-1)# description Boulder VPN IPSec0

Supported Platforms: Adit 3104, Adit 3200, Adit 3500, MSR

14-2

Adit 3000 (Rel. 1.6) and MSR Card (Rel 2.0) CLI

Page 322
Image 322
Carrier Access none manual Aggressive-mode, Authentication, Pre-shared, Rsa-sig, Cert