Chapter 17 IPSec VPN

17.2.3 IPSec SA Commands (for Manual Keys)

This table lists the additional commands for IPSec SAs using manual keys (VPN connections using manual keys).

Table 73 crypto map Commands: IPSec SAs (Manual Keys)

COMMAND / DESCRIPTION

crypto map map_name

set session-key {ah <256..4095> auth_key | esp <256..4095> [cipher enc_key] authenticator auth_key}

    Sets the active protocol, SPI (<256..4095>), authentication key and encryption key (if any).

    auth_key: You can use any alphanumeric characters or ,;`~!@#$%^&*()_+\{}':./<>=-". The length of the key depends on the algorithm.

        md5 - 16-20 characters
        sha - 20 characters
        sha256 - 32 characters
        sha512 - 64 characters

    enc_key: You can use any alphanumeric characters or ,;`~!@#$%^&*()_+\{}':./<>=-". The length of the key depends on the algorithm.

        des - 8-32 characters
        3des - 24-32 characters
        aes128 - 16-32 characters
        aes192 - 24-32 characters
        aes256 - 32 characters

    If you want to enter the key in hexadecimal, type "0x" at the beginning of the key. For example, "0x0123456789ABCDEF" is in hexadecimal format; "0123456789ABCDEF" is in ASCII format. If you use hexadecimal, you must enter twice as many characters.

    The ZyWALL automatically ignores any characters above the minimum number of characters required by the algorithm. For example, if you enter 1234567890XYZ for a DES encryption key, the ZyWALL only uses 12345678. The ZyWALL still stores the longer key.

local-ip ip

    Sets the local gateway address to the specified IP address.

peer-ip ip

    Sets the remote gateway address to the specified IP address.
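
The key-length and truncation rules in Table 73, as an added Python example (not part of the ZyWALL guide or firmware): it reports which characters of a manual key are used and which are ignored, so a key change that only alters the ignored tail can be caught before deployment. The function names are hypothetical, and cutting hexadecimal keys at twice the minimum length is an assumption drawn from the "twice as many characters" rule.

```python
import string

# (min, max) key length in ASCII characters, transcribed from Table 73.
AUTH_KEY_LEN = {"md5": (16, 20), "sha": (20, 20), "sha256": (32, 32), "sha512": (64, 64)}
ENC_KEY_LEN = {"des": (8, 32), "3des": (24, 32), "aes128": (16, 32),
               "aes192": (24, 32), "aes256": (32, 32)}


def check_manual_key(algorithm, key):
    """Return (used, ignored, problems) for a manual key typed at the CLI."""
    limits = {**AUTH_KEY_LEN, **ENC_KEY_LEN}
    if algorithm not in limits:
        raise ValueError(f"unknown algorithm: {algorithm}")
    lo, hi = limits[algorithm]
    is_hex = key.startswith("0x")          # "0x" prefix selects hexadecimal entry
    body = key[2:] if is_hex else key
    scale = 2 if is_hex else 1             # hex needs twice as many characters
    problems = []
    if is_hex and any(c not in string.hexdigits for c in body):
        problems.append("non-hexadecimal character after 0x")
    if len(body) < lo * scale:
        problems.append(f"too short: {len(body)} < {lo * scale} characters")
    elif len(body) > hi * scale:
        problems.append(f"too long: {len(body)} > {hi * scale} characters")
    # Characters above the algorithm's minimum are ignored by the device.
    # Assumption: for hex entry the cut falls at twice the minimum.
    cut = lo * scale
    return body[:cut], body[cut:], problems


def same_effective_key(algorithm, key_a, key_b):
    """True when two different-looking keys reduce to the same used portion."""
    return check_manual_key(algorithm, key_a)[0] == check_manual_key(algorithm, key_b)[0]


if __name__ == "__main__":
    # Constructed sample keys; the first is the DES example from the table.
    for alg, key in [("des", "1234567890XYZ"), ("des", "0x0123456789ABCDEF"),
                     ("aes128", "Site-A-to-Site-B-2024-rotation")]:
        used, ignored, problems = check_manual_key(alg, key)
        print(f"{alg:7} used={used!r} ignored={ignored!r} problems={problems}")
    # A "rotated" key that only changes the ignored tail is not a new key.
    print(same_effective_key("aes128", "Site-A-to-Site-B-2024", "Site-A-to-Site-B-2025"))
```
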

17.2.4 VPN Concentrator Commands

This table lists the commands for the VPN concentrator.

Table 74 vpn-concentrator Commands: VPN Concentrator

COMMAND / DESCRIPTION

show vpn-concentrator [profile_name]

    Shows the specified VPN concentrator or all VPN concentrators.

[no] vpn-concentrator profile_name

    Creates the specified VPN concentrator if necessary and enters sub-command mode. The no command deletes the specified VPN concentrator.

 


ZyWALL (ZLD) CLI Reference Guide