Example

NGFW{running-ipsec}phase1 1 proposal propname

NGFW{running-phase1-proposal-propname}help

NGFW{running-phase1-proposal-propname}?

NGFW{running-ipsec}phase2

Enters phase2 proposal context.

Syntax

phase2 VERSION proposal NAME

Valid entries:

VERSION

1

(IKE Version

1)

 

2

(IKE Version

2)

proposal

Phase1

proposal

NAME

Phase1

proposal name : alphanumeric, underscore, dash excluding 'all'

Example

NGFW{running-ipsec}phase2 1 proposal propname

NGFW{running-phase2-proposal-propname}

NGFW{running-ipsec}policy

Enters IPSec Policy sub-context.

Syntax

policy NAME [PRIORITY]

Valid entries:

NAME

IPsec Policy

Name : alphanumeric, underscore, and dash excluding 'all'

PRIORITY

Priority for

NEW policy (1-5989)

Example

NGFW{running-ipsec}policy mypolicy 1

NGFW{running-ipsec-policy-mypolicy}

NGFW{running-ipsec}pre-shared-key

Configures pre-shared key (start with 0x for hexadecimal key).

Syntax

pre-shared-key local (A.B.C.DX:X::X:XLFQDN) remote (A.B.C.DX:X::X:XRFQDNany)

Valid entries:

 

local

Configure local host

A.B.C.D

Local Peer IPv4 address

X:X::X:X

Local Peer IPv6 address

LFQDN

Hostname or user fqdn

remote

Configure remote host

A.B.C.D

Remote Peer IPv4 address

X:X::X:X

Remote Peer IPv6 address

RFQDN

Hostname or user fqdn

any

any remote IP Address

Example

NGFW{running-ipsec}pre-shared-key local 100:0:0:0:0:0:0:1 remote 2001:db8:0:0:0:0:0:1

NGFW Command Line Interface Reference 163

Page 171
Image 171
HP TippingPoint Next Generation Firewall NGFWrunning-ipsecphase2, NGFWrunning-ipsecpolicy, NGFWrunning-ipsecpre-shared-key