HP 8/40 Brocade Fabric OS Command Reference Manual v6.2.0 (53-1001186-01, Apri - Page 410
Specifies DH group, AES 128-bit algorithm
View all HP 8/40 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 410 highlights
2 ipsecConfig policy ike Creates or modifies an IKE policy configuration. No subtype is required with this command. The command defines the following IKE policy parameters: IKE version, IP address of the remote entity, IP address of the local entity, encryption algorithm, hash algorithm, PRF algorithm, DH group, authentication method, path and filename of the pre-shared key. The syntax is as follows: ipsecConfig --add | --modify ike arguments. arguments Valid arguments for policy ike include: -tag name Specifies a name for the IKE policy. This is a user-generated name. The name must be between 1 and 32 characters in length, and may include alphanumeric characters, dashes (-), and underscores (_). This operand is required. remote IP_address[/prefixlength] Specifies the peer IPv4 or IPv6 address and prefix. -id identifier Specifies the local identifier. The switch is identified by its IPv4 or IPv6 address. -remoteid identifier Specifies the peer identifier. The remote peer is identified by its IPv4 or IPv6 address. -enc algorithm Specifies the encryption algorithm. Valid encryption algorithms include the following: • 3des_cbc - 3DES algorithm • blowfish_cbc - Blowfish algorithm • aes128_cbc - AES 128-bit algorithm • aes256_cbc - AES 256-bit algorithm • null_enc - Null encryption algorithm (cleartext) -hash algorithm Specifies the hash algorithm. Valid hash algorithms include the following: -prf algorithm • hmac_md5 - MD5 algorithm • hmac_sha1 - SH1 algorithm Specifies the PFR algorithm. Valid PRF algorithms include the following: • hmac_md5 - MD5 algorithm • hmac_sha1 - SH1 algorithm -auth psk|dss|rsasig Specifies the authentication method as one of the following: psk Authenticate using pre-shared keys. dss Authenticate using digital signature standard. -dh number rsasig Authenticate using an RSA signature. Specifies the DH group number as one of the following: 1 Specifies DH group modp768. 2 Specifies DH group modp1024. 14 Specifies DH group modp2048. 382 Fabric OS Command Reference 53-1001186-01