3-26 Command Line Interface Commands Reference

IPSec/IKE

Connection Profile IPSec Configuration Commands

cp { name index } ipsec suite encryption { des 3des null } authentication { esp ah } { md5 sha1 } [compression { none lzs }]

cp { name index } ipsec ip

[remote {[members {xxx.xxx.xxx.xxx/nn xxx.xxx.xxx.xxx xxx.xxx.xxx.xxx}] [tep x.x.x.x]}] [local tep x.x.x.x] [via x.x.x.x]

cp { name index } ipsec ip [modify net-index ]

remote members remote IPv4-addr1 [ /nn remote IPv4-addr2 ] local members local IPv4-addr1 [ / nn local IPv4-addr2 ]

cp { name index } ipsec spi rx-esp-spi [ tx-esp-spi [ rx-ah-spi [ tx-ah-spi ]]]

cp { name index } ipsec authentication key string

cp { name index } ipsec encryption key 1234567890123456 [1234567890123456 1234567890123456 ]

cp { name index } ipsec suite encryption { des 3des null } authentication { esp ah } { md5 sha1 } [compression { none lzs }]

This command allows you to specify the IPsec suite encryption type and authentication method for an IPsec tunnel.

cp { name index } ipsec ip

[remote {[members {xxx.xxx.xxx.xxx/nn xxx.xxx.xxx.xxx xxx.xxx.xxx.xxx}] [tep x.x.x.x]}] [local tep x.x.x.x] [via x.x.x.x]

This command sets all the pertinent IP values for the IPSec tunnel. There are three sub-sections of this command, the remote, local, and via. The remote section, if it exists, may contain a members or a tep (“tunnel endpoint”) parameter, or both. The local section, if it exists, may contain only a tep parameter. The optional via section sets the next hop gateway.

cp { name index } ipsec ip [modify net-index ]

remote members remote IPv4-addr1 [ /nn remote IPv4-addr2 ] local members local IPv4-addr1 [ / nn local IPv4-addr2 ]

Note: This command is supported beginning with firmware release 8.2.

Page 169 Page 171
Page 170
Image 170
Netopia CLI 874 manual IPSec/IKE
Page 169 Page 171
Top Page Image Contents