HP Mellanox SX1018 Mellanox MLNX-OS®Command Reference Guide for SX101 - Page 172
Syntax Description, Default, Configuration Mode, History, Example, Enables IPSec peering.
View all HP Mellanox SX1018 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 172 highlights
Rev 1.6.9 Syntax Description enable Enables IPSec peering. ike Configures IPSec peering using IKE ISAKMP to man- age SA keys. It has the following optional parameters: • auth: Configures the authentication algorithm for IPSec peering • dh-group: Configures the phase1 Diffie-Hellman group proposed for secure IKE key exchange • disable: Configures this IPSec peering administratively disabled • encrypt: Configures the encryption algorithm for IPSec peering • exchange-mode: Configures the IKE key exchange mode to propose for peering • lifetime: Configures the SA lifetime to propose for this IPSec peering • local-identity: Configures the ISAKMP payload identifi- cation value to send as local endpoint's identity • mode: Configures the peering mode for this IPSec peer- ing • peer-identity: Configures the identification value to match against the peer's ISAKMP payload identification • pfs-group: Configures the phase2 PFS (Perfect Forward- ing Secrecy) group to propose for Diffie-Hellman exchange for this IPSec peering • preshared-key: Configures the IKE pre-shared key for the IPSec peering • prompt-preshared-key: Prompts for the pre-shared key, rather than entering it on the command line • transform-set: Configures transform proposal parameters keying Configures key management for this IPSec peering: • auth: Configures the authentication algorithm for this IPSec peering • disable: Configures this IPSec peering administratively disabled • encrypt: Configures the encryption algorithm for this IPSec peering • local-spi: Configures the local SPI for this manual IPSec peering • mode: Configures the peering mode for this IPSec peer- ing • remote-spi: Configures the remote SPI for this manual IPSec peering manual Configures IPSec peering using manual keys. Default N/A Configuration Mode Config History 3.2.3000 Role admin Example switch (config)# crypto ipsec peer 10.10.10.10 local 10.7.34.139 enable switch (config)# Mellanox Technologies 172 Mellanox® Technologies Confidential